Things have been busy and I haven’t done a writeup in a while nor much HackTheBox. However I made time for this box as it was not only created by my friend burmat but it also involved software that I heavily used as a sysadmin which made me more interested....
[Read More]
HackTheBox - Canape Writeup
I really enjoyed this box a lot as it took some creative thinking to get the initial shell and required analyzing and writing some python. Lot’s of new things I hadn’t been exposed to either so it was a great learning experience.
[Read More]
HackTheBox - Poison Writeup
Poision is a pretty straight forward box overall but did include a couple of unique things which made it fun.
[Read More]
HackTheBox - Stratosphere Writeup
Pretty fun and quick box with some creative thinking required for getting the initial shell.
[Read More]
HackTheBox - Valentine Writeup
I thought this was a fun quick box. I remember when Heartbleed was all the craze, but I had never actually exploited it before Valentine. The box maker did a good job setting up extracting sensitive information out out memory via the vulnerability and giving us a nice simulation of...
[Read More]
HackTheBox - Aragog Writeup
I liked Aragog simple because it had me do a few new things for initial access and root. Overall not super difficult but still fun.
[Read More]
HackTheBox - Bart Writeup
This writeup is from a few months ago. I’ve currently been super busy with OSCE and whatnot. Overall this wasn’t too bad of a box and I learned a new WinRM trick in the process.
[Read More]
HackTheBox - Chatterbox Writeup
Enumeration
[Read More]
HackTheBox - CrimeStoppers Writeup
Enumeration
[Read More]
HackTheBox - Tally Writeup
Tally is enumeration galore, full of red herrings, distractions, and rabbit holes. I spent hours digging through files and directories on this one. Tally will test your patience but it felt like a very realistic box so I enjoyed it. An interesting exploit at the end as well. Let’s get...
[Read More]
HackTheBox - Inception Writeup
This one was a bit of a doozy but pretty well done and required some pretty thorough enumeration. Kudos to the box creator on the creative setup!
[Read More]
HackTheBox - Sense Writeup
Sense is kind of mixed box for me. I wasn’t particularly fond of the long brute forcing fishing for a file, but getting code execution was pretty interesting for the exploit. I also wrote up a python script to fully automate the exploitation once you have valid credentials (see at...
[Read More]
HackTheBox - Node Writeup
This is probably one of the best boxes released on HTB thus far. Each step felt like a treasure hunt, also I really enjoyed getting more familiar with MongoDB as well. Do yourself a favor and go do this box!
[Read More]
HackTheBox - Mantis Writeup
Mantis takes a lot of patience and a good bit of enumeration. The final exploit is also pretty cool as I had never done anything like it before. Really happy to see a domain controller finally pop up in HackTheBox.
[Read More]
HackTheBox - Joker Writeup
This is probably the first hard box that I actually enjoyed on HackTheBox. Most of the things clicked and I was able to get through much of it fairly quickly overall. Highly recommend this one.
[Read More]
HackTheBox - Arctic Writeup
I did this box quite some time ago as it was one of the first ones I did when first starting HackTheBox. I recently helped out someone who was working on this box so I decided to reorganize my notes, as they were somewhat of a mess and restructure them...
[Read More]