Posts by Category

writeup

[HackTheBox] Cronos

Cronos begins with a simple DNS enumeration to find a hidden subdomain with a login page. Then we exploit SQL and command injection vulnerabilities to get a ...

[HackTheBox] Shocker

Shocker reminded me of my first days in cybersecurity. It is vulnerable to Shellshock which was my first ever vulnerability that I’ve exploited. Root part is...

[HackTheBox] Popcorn

Popcorn is a very simple box. It starts with simple file upload restrictions bypass to get user and uses a very interesting exploit to get root.

[HackTheBox] Mirai

Mirai was a very fun box! It requires thinking outside the box and compiling all information you have to guess some credentials. The root part requires knowl...

[HackTheBox] Blocky

Blocky teaches us not to reuse our credentials everywhere. It begins with a simple enumeration. Then we have to decompile some jars. Finally, it ends with th...

[HackTheBox] Beep

Beep is an easy machine that requires basic enumeration knowledge to complete it. It requires exploitation of simple LFI vulnerability to get root which make...

[HackTheBox] Lame

Lame is the oldest machine on HackTheBox. It is super-easy as it requires only basic enumeration followed by a simple exploit that instantly gives you a root...

Back to top ↑

hackthebox

[HackTheBox] Cronos

Cronos begins with a simple DNS enumeration to find a hidden subdomain with a login page. Then we exploit SQL and command injection vulnerabilities to get a ...

[HackTheBox] Shocker

Shocker reminded me of my first days in cybersecurity. It is vulnerable to Shellshock which was my first ever vulnerability that I’ve exploited. Root part is...

[HackTheBox] Popcorn

Popcorn is a very simple box. It starts with simple file upload restrictions bypass to get user and uses a very interesting exploit to get root.

[HackTheBox] Mirai

Mirai was a very fun box! It requires thinking outside the box and compiling all information you have to guess some credentials. The root part requires knowl...

[HackTheBox] Blocky

Blocky teaches us not to reuse our credentials everywhere. It begins with a simple enumeration. Then we have to decompile some jars. Finally, it ends with th...

[HackTheBox] Beep

Beep is an easy machine that requires basic enumeration knowledge to complete it. It requires exploitation of simple LFI vulnerability to get root which make...

[HackTheBox] Lame

Lame is the oldest machine on HackTheBox. It is super-easy as it requires only basic enumeration followed by a simple exploit that instantly gives you a root...

Back to top ↑

tool

Back to top ↑