trustie_rity·1 day agoSick ROP : HTB pwn challengeSick ROP is an Easy rated HTB pwn challenge. To be honest its not that easy if you haven’t set your binary exploitation basics right. In this blog i will be writing in detail each step i took in solving this challenge. On the platform you can download the binary…Htb Writeup7 min readHtb Writeup7 min read
Madfoxsec·May 26antique (hackthebox) writeupUser Scanning TCP ports shows just port 23 running telnet , but a UDP scan shows snmp running on port 161. I try to connect via nc to telnet:Htb Writeup4 min readHtb Writeup4 min read
Madfoxsec·May 24nunchucks (hackthebox) writeupStarting off with nmap: PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 6c146dbb7459c3782e48f511d85b4721 (RSA) | 256 a2f42c427465a37c26dd497223827271 (ECDSA) |_ 256 e18d44e7216d7c132fea3b8358aa02b3 (ED25519) 80/tcp open http…Htb Writeup4 min readHtb Writeup4 min read
DeadSec·May 23HTB: Stocker WriteUpThe Stocker machine in HackTheBox is a challenging virtual machine designed to test and improve penetration testing skills. This machine revolves around a web application hosted on an NGINX web server. …Htb Writeup6 min readHtb Writeup6 min read
Meet Mangukiya·May 21Template injection: HTBHello, my dear friends, and welcome to my first writeup on HTB. In this blog, I will describe all the steps and the systematic method, and in addition, I will try to explain a few topics. …Htb Writeup3 min readHtb Writeup3 min read
cowabunga·May 15Pentesting: Kubernetes[HTB] SteamCloud — (Retired) Storytime: In this edition we’ll be taking a look at the retired Hack The Box machine “SteamCloud’. I approached this completely blind, without reading up about Kubernetes, so it was a bit of a learning curve and took longer than it probably should’ve. …Htb Writeup6 min readHtb Writeup6 min read
Raj (CISSP | CCSP | CISA | CRISC | AWS | ISO| PMP)·May 12Updated Walk-through of HTB ForestThis write up is HTB Forest room. This is indispensable room for applying AD hacking tricks and methods from OSCP/PNPT preparation prospective. Various tools specific to AD attacking used here specially BloodHound. During privilege escalations, I have to refer the original walk-through of document which may be require update. so…Htb Writeup9 min readHtb Writeup9 min read
Rishabh Rai·May 9Redeemer HTB (Starting Point)Hello everyone, We are onto our next machine today which is a Linux machine and it has implementation of Redis server and techniques used to pentest redis service. Let’s get started with the nmap scan on the machine IP.Htb Writeup4 min readHtb Writeup4 min read
trustie_rity·May 7Escape Coursework : HTBEscape is a medium rated windows box on HTB platform and this is how i went about solving it. Enumeration Using nmap we get the following information back. PORT STATE SERVICE VERSION 53/tcp open domain…Htb Writeup4 min readHtb Writeup4 min read
Sakibul Ali Khan·Apr 28Templated — HTB Web Challenge WriteupCHALLENGE DESCRIPTION Can you exploit this simple mistake? First Start Instance and then you are provided with an web address in the form of <ip>:<port>. Copy it and open it in another tab or browser. In my case it was http://134.209.18.1:30563 Now let’s visit the webpage:Htb Writeup2 min readHtb Writeup2 min read
