
HackTheBox - Delivery
Delivery from HackTheBox. Enumeration nmap We start an Nmap scan using the following command: sudo nmap -sC -sV -T4 {target_IP}. -sC: run all the default scripts. -sV: F...
Sea from HackTheBox starts with a CMS vulnerable to XSS that leads to RCE, which we exploit to get a foothold. After that, we find a user's hash that we crack to get the password and have access ov...
Inject from HackTheBox has a website vulnerable to path traversal, allowing us to read files and identify a dependency running on the website that’s vulnerable to RCE, giving us a foothold. Once i...
U.A. High School from TryHackMe contains a hidden PHP file on a web server that we fuzz for parameters; we find that it executes OS commands and exploit that to get a shell. After that we find ...
Airplane from TryHackMe is an interesting box where we exploit a path traversal to read the cmdline of a process running on a non-standard port and find that it’s a gdb server; we exploit that to get...
Backdoor from HackTheBox starts with a directory traversal vulnerability we find in a WordPress plugin, allowing us to read a process’s cmdline and find gdbserver listening on a port, we upload ...
NanoCherryCTF from TryHackMe revolves around brute forcing and fuzzing web applications to gain a foothold. Then we exploit a cron job and extract an image from an audio file to get root. Enu...
Expose from TryHackMe starts with a login page vulnerable to SQLi, revealing secret pages where we can upload a file. We bypass a local filter and upload a PHP reverse shell, once on the box we ...
Description: GreenHorn from HackTheBox starts with finding the source code of an application in a Gitea instance. We retrieve the login password and exploit an RCE to get a foothold. We find ...
The Sticker Shop from TryHackMe is a simple web challenge where we exploit an XSS vulnerability to read the flag. Enumeration Web This is a web challenge and the website can be found on po...