TL;DR This is a writeup on Arctic which is a Linux box categorized as easy on HackTheBox, and has Adobe’s ColdFusion as a primary service running on it. The exploitation essentially leverages enumeration and CVEs, namely Adobe ColdFusion – Directory Traversal & MS10_092. Interestingly, it does require us to escalate the user privileges for obtaining […]
Legacy Writeup/Walkthrough Hack the box
Legacy Writeup Summary TL;DR This writeup is based on Legacy on Hack the box. It was a windows box. It starts with Samba. In this machine, Samba has two bugs, which are SMB vulnerability(Eternal Blue or MS17-010) and Remote Code Execution vulnerability (MS08-067). We have both ways to exploit the vulnerability and get the shell. […]
Redcross Writeup / Walkthrough Hack the box
Redcross writeup Summery TL;DR This Writeup is about Redcross on hack the box. It was a Linux box. It starts off with web exploitation via xss on admin stealing his cookies to login to the admin panel. Than command injection in the firewall to get a shell as www-data after recon we find the password […]
Enterprise Writeup / Walkthrough Hack the box
Enterprise Writeup TL;DR This Writeup is about Enterprise, on hack the box. It was a Linux box. It starts off with a SQLInjection for an initial foothold. We dump a database find passwords login to WordPress and get a shell. There we find we are in a docker network. So we port forward a host and […]
Traverxec Writeup / Walkthrough Hack the box
Traverxec writeup Summery TL;DR This Writeup is about Traverxec, on hack the box. It was a Linux box. It starts off with a public exploit on Nostromo web server for the initial foothold. Then we enumerate and find a directory readable by www-data inside a david users home directory there we find a ssh key […]
Postman Writeup / Walkthrough Hack the box
Postman Writeup Summery TL;DR This Writeup is about Postman, on hack the box. It was a Linux box that starts off with Redis exploitation to get an initial foothold. Then we enumerate and find an encrypted ssh key of matt. Next, we crack the ssh key’s passphrase. We use the same credentials on the Webmin […]
Heist Writeup / Walkthrough Hack the box
Heist Writeup Summery TL;DR This writeup is about Heist, it was a windows box that starts off with a webserver we log in as a guest. There we find a config file in which we find encrypted hash’s. from there we get the password. we do a deep port scan find a winrm open we […]
Exploit Education Phoenix | Practical Stack Exploitation
Stack Exploitation like a pro. Stack Exploitation seems pretty intense although it’s easy. In this post, we’ll solve all the stack challenges there are 6 stack exploitation challenges in Pheonix CTF. This is a series of stack exploitation challenges. Starting from Stack zero which is a memory overwriting challenge advances by each level. If you […]
Exploit Education Phoenix | Practical Binary Exploitation
This is a practical guide on a number of binary exploitation techniques, if you are a binary exploitation noob then this is the guide for you. ever wanted to learn about reverse engineering but didn’t because it was too hard? there was a lot of advanced material but not much for noobs. Say no more […]