Outdated Write-Up

2022-12-08 — Written by MØstXeon — 13 min read
#HackTheBox  #Windows  #Active-Directory  #Smbclient  #SMTP  #Sendemail  #Phishing  #CVE-2022-30190  #Invoke-PowerShellTcp  #BloodHound  #SharpHound.ps1  #Invoke-RestMethod-Transfer-Files  #Shadow-Credentials  #Whisker  #Rubeus  #Evil-WinRM  #WinPEAS  #WSUS-Attack  #SharpWSUS 

Medium

Outdated
Machine created by ctrlzero
Read more →

Carpediem Write-Up

2022-12-02 — Written by MØstXeon — 16 min read
#HackTheBox  #Linux  #Bruteforce  #Virtual-Host-Enumeration  #Gobuster  #Insecure-Direct-Object-Reference  #Burp-Suite  #File-Upload  #Docker  #Mongodb  #Mongosh  #Static-Nmap  #Full-TTY-Python  #Port-Forwarding  #Chisel  #Zoiper  #Clear-Text-Credentials  #Backdrop  #SSL-Sniffing  #SSL-Decryption  #Backdrop-RCE  #Full-TTY-Script  #CVE-2022-0492  #Docker-Escape 

Hard

Carpediem
Machine created by ctrlzero & TheCyberGeek
Read more →

Redpanda Write-Up

2022-11-27 — Written by MØstXeon — 9 min read
#HackTheBox  #Linux  #Server-Side-Template-Injection  #Wfuzz  #Spring-Boot-Java  #Process-Snooping  #Pspy  #Fully-Interactive-Shell  #Source-Code-Review  #XML-External-Entity-Injection 

Easy

Redpanda
Machine created by Woodenk
Read more →

Shared Write-Up

2022-11-11 — Written by MØstXeon — 16 min read
#HackTheBox  #Linux  #SQL-Injection  #Burp-Suite  #SQLMap  #Password-Cracking  #Hashcat  #Password-Reuse  #Process-Snooping  #Pspy  #ipython  #Redis  #Port-Forwarding  #Chisel  #Redis-Tools  #CVE-2022-21699  #CVE-2022-0543 

Medium

Shared
Machine created by Nauten
Read more →

Moderators Write-Up

2022-11-03 — Written by MØstXeon — 23 min read
#HackTheBox  #Linux  #File-Upload  #Bruteforce  #PHP  #Bypass-File-Extension-Validation  #Burp-Suite  #Disable-Functions  #Uploading-Files-curl  #Wordpress  #Port-Forwarding  #Chisel  #mysql  #Password-Cracking  #Hashcat  #bruteforce-luks  #VirtualBox  #VirtualBox-Encryption  #Luks2  #Clear-Text-Credentials  #Password-Reuse 

Hard

Moderators
Machine created by kavigihan
Read more →

Trick Write-Up

2022-10-28 — Written by MØstXeon — 10 min read
#HackTheBox  #Linux  #DNS  #BruteForce  #Virtual-Host-Enumeration  #Gobuster  #Ffuf  #LFI  #Fail2ban  #Hydra  #SSHPass 

Easy

Trick
Machine created by Geiseric
Read more →

Faculty Write-Up

2022-10-18 — Written by MØstXeon — 8 min read
#HackTheBox  #Linux  #SQL-Injection  #ExifTool  #MPDF  #Burp-Suite  #LFI  #Python3-Script  #Clear-Text-Credentials  #Password-Reuse  #meta-git  #GDB  #Linux-Capabilities  #cap_sys_ptrace 

Medium

Faculty
Machine created by gbyolo
Read more →

Opensource Write-Up

2022-09-28 — Written by MØstXeon — 15 min read
#HackTheBox  #Linux  #Source-Code-Review  #Python  #Flask  #Git  #Clear-Text-Credentials  #Path-Traversal  #Burp-Suite  #Port-Forwarding  #Chisel  #Gitea  #Process-Snooping  #Pspy  #git-hooks  #Git-Pre-Commit 

Easy

Opensource
Machine created by irogir
Read more →

Scrambled Write-Up

2022-09-27 — Written by MØstXeon — 18 min read
#HackTheBox  #Windows  #Active-Directory  #BruteForce  #Kerbrute  #Password-Cracking  #MSSQL  #xp_cmdshell  #Impacket-Scripts  #Kerberos  #Silver-Ticket  #Service-Principal-Names  #Reverse-Engineering  #Custom-Application  #.net  #DNSpy  #Desirialization  #BinaryFormatter  #ysoserial 

Medium

Scrambled
Machine created by VbScrub
Read more →