Posts by Tag

sudo

[HackTheBox] Shocker

Shocker reminded me of my first days in cybersecurity. It is vulnerable to Shellshock which was my first ever vulnerability that I’ve exploited. Root part is...

[HackTheBox] Mirai

Mirai was a very fun box! It requires thinking outside the box and compiling all information you have to guess some credentials. The root part requires knowl...

[HackTheBox] Blocky

Blocky teaches us not to reuse our credentials everywhere. It begins with a simple enumeration. Then we have to decompile some jars. Finally, it ends with th...

Back to top ↑

metasploit

[HackTheBox] Lame

Lame is the oldest machine on HackTheBox. It is super-easy as it requires only basic enumeration followed by a simple exploit that instantly gives you a root...

Back to top ↑

dns

[HackTheBox] Cronos

Cronos begins with a simple DNS enumeration to find a hidden subdomain with a login page. Then we exploit SQL and command injection vulnerabilities to get a ...

[HackTheBox] Mirai

Mirai was a very fun box! It requires thinking outside the box and compiling all information you have to guess some credentials. The root part requires knowl...

Back to top ↑

exploit

Back to top ↑

lfi

[HackTheBox] Beep

Beep is an easy machine that requires basic enumeration knowledge to complete it. It requires exploitation of simple LFI vulnerability to get root which make...

Back to top ↑

scripting

Back to top ↑

wordpress

[HackTheBox] Blocky

Blocky teaches us not to reuse our credentials everywhere. It begins with a simple enumeration. Then we have to decompile some jars. Finally, it ends with th...

Back to top ↑

ftp

[HackTheBox] Lame

Lame is the oldest machine on HackTheBox. It is super-easy as it requires only basic enumeration followed by a simple exploit that instantly gives you a root...

Back to top ↑

smb

[HackTheBox] Lame

Lame is the oldest machine on HackTheBox. It is super-easy as it requires only basic enumeration followed by a simple exploit that instantly gives you a root...

Back to top ↑

http

[HackTheBox] Beep

Beep is an easy machine that requires basic enumeration knowledge to complete it. It requires exploitation of simple LFI vulnerability to get root which make...

Back to top ↑

elastix

[HackTheBox] Beep

Beep is an easy machine that requires basic enumeration knowledge to complete it. It requires exploitation of simple LFI vulnerability to get root which make...

Back to top ↑

suid

Back to top ↑

jar

[HackTheBox] Blocky

Blocky teaches us not to reuse our credentials everywhere. It begins with a simple enumeration. Then we have to decompile some jars. Finally, it ends with th...

Back to top ↑

raspbian

[HackTheBox] Mirai

Mirai was a very fun box! It requires thinking outside the box and compiling all information you have to guess some credentials. The root part requires knowl...

Back to top ↑

usb

[HackTheBox] Mirai

Mirai was a very fun box! It requires thinking outside the box and compiling all information you have to guess some credentials. The root part requires knowl...

Back to top ↑

upload

[HackTheBox] Popcorn

Popcorn is a very simple box. It starts with simple file upload restrictions bypass to get user and uses a very interesting exploit to get root.

Back to top ↑

motd

[HackTheBox] Popcorn

Popcorn is a very simple box. It starts with simple file upload restrictions bypass to get user and uses a very interesting exploit to get root.

Back to top ↑

shellshock

[HackTheBox] Shocker

Shocker reminded me of my first days in cybersecurity. It is vulnerable to Shellshock which was my first ever vulnerability that I’ve exploited. Root part is...

Back to top ↑

perl

[HackTheBox] Shocker

Shocker reminded me of my first days in cybersecurity. It is vulnerable to Shellshock which was my first ever vulnerability that I’ve exploited. Root part is...

Back to top ↑

sql

[HackTheBox] Cronos

Cronos begins with a simple DNS enumeration to find a hidden subdomain with a login page. Then we exploit SQL and command injection vulnerabilities to get a ...

Back to top ↑

injection

[HackTheBox] Cronos

Cronos begins with a simple DNS enumeration to find a hidden subdomain with a login page. Then we exploit SQL and command injection vulnerabilities to get a ...

Back to top ↑

cronjobs

[HackTheBox] Cronos

Cronos begins with a simple DNS enumeration to find a hidden subdomain with a login page. Then we exploit SQL and command injection vulnerabilities to get a ...

Back to top ↑

web

Back to top ↑

ctf

Back to top ↑

shell

Back to top ↑

tool

Back to top ↑

eternalblue

Back to top ↑

rce

Back to top ↑

tomcat

Back to top ↑