HackTheBox - Permx
Description: Permx from HackTheBox is running an LMS vulnerable to file upload leading to RCE giving us foothold on the machine. Once in we find a clear text password that we use to switch t...
Description: Permx from HackTheBox is running an LMS vulnerable to file upload leading to RCE giving us foothold on the machine. Once in we find a clear text password that we use to switch t...
Editorial from HackTheBox start with SSRF that we exploit to find an internal service and get our first set of credentials. After we ssh we find another credentials in a .git repository. The ...
Backtrack from TryHackMe revolves around ../, from lfi to file upload down to wild card exploit, nothing else to say besides that it’s a wonderful box where you will learn new things. Enumer...
Weasel from TryHackMe has a beautiful mix between linux and windows. We start by finding jupyter token on an smb share allowing us to login and get a reverse shell on a wsl linux machine. On ...
CyberLens from TryHackMe is an easy box running a software on a non standard port that is vulnerable to RCE giving us a foothold. After that we run exploit suggester on metasploit and use the...
Pyrat from TryHackMe involves exploiting a python script running on the machine to get both foothold and privilege escalation, but the last part requires us to write a script to brute force a...
Description: Mkingdom from TryHackMe is running a web server with a cms that allows file upload, we exploit that to get foothold. On the machine we find credentials on the config file giving...
Publisher from TryHackMe has a website vulnerable to rce giving us foothold, after that we bypass apparmor restrictions so we can exploit an SUID binary to get root. Enumeration nmap We st...
CheeseCTF from TryHackMe has a login page on a website vulnerable to SQLi allowing us to bypass the login and access the dashboard. After that we find an LFI which we exploit to get a foothol...
Boardlight from HackTheBox is running a website vulnerable to code injection givin us a foothold. We find a password inside a config file which we use to elevate our privileges. Then we find ...