WordPress file exposed, lot’s of manual enumeration and a weird and interesting way for starting a new process.
HackTheBox
HackTheBox – Academy
Using an unserialized token we can open a reverse-shell on the remote machine, gain the access to the user scanning…
HackTheBox – ScriptKiddie
There is no excerpt because this is a protected post.
HackTheBox – Time
Keep your failure for you… or in this case Error. Bypassing java library and gaining the access to the machine…
HackTheBox – Tabby
Hidden link, LFI and java reverse-shell for an easy machine based on tomcat with Alpine as privilege escalation.
HackTheBox – Sense
Not so much to say to be honest, just keep enumerating, fuzzing and digging on the version of what you…
HackTheBox – Optimum
Very easy machine and usefull for a better understanding of metasploitframework cause it force you to use some command like…
HackTheBox – Mirai
A closed website? That’s kinda weird, maybe a rabbit hole? Nah, just a Pi-Hole and a look in the trash…
HackTheBox – Legacy
Sometimes the most basic tool used in the right way can give you the most powerful result as shown in…
HackTheBox – Lame
An outdated samba service give us the opportunity to lead this dance and own this machine