Academy @ HackTheBox
Solving Academy on HackTheBox, a 20-point Linux machine on HackTheBox that involves a Laravel deserialization RCE, stored credentials & sudo composer.
27Feb
Related Posts
28Aug
FTP to Web Shell & SeImpersonate – AuthBy @ PG Practice
AuthBy is a medium difficulty Windows machine on PG Practice. It involves getting FTP access to the web root of... read more
12Jun
PHP Unserialize & Race Condition – Tenet @ HackTheBox
We are solving Tenet, a 30-point machine HackTheBox that involves a simple PHP deserialization vulnerability, password reuse and a race... read more
17Apr
Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for... read more
13Jun
Monteverde @ HackTheBox
Monteverde is a 30-point Windows machine on HackTheBox that involves some LDAP and SMB enumeration to get the user flag.... read more
06Nov
Active Directory, Reverse Engineering & Unintended Solutions – Pivotapi @ HackTheBox
We are solving Pivotapi, a 50-point Windows machine on HackTheBox. This one involves some Reverse Engineering, MSSQL, and Active Directory... read more
10May
Angr & Basic Binary Exploitation – Binary Heaven @ TryHackMe
We are going to solve "Binary Heaven", a room on TryHackMe. It starts with some light reversing and debugging, and... read more
14Mar
Postman @ HackTheBox
Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking the... read more
18Jan
Player @ HackTheBox
Player is a hard box, that we solved in unintended ways that are partly patched now. read more
14Apr
Kryptos @ HackTheBox
Kryptos is 50 points machine on hackthebox, involving some interesting techniques, like setting up a fake database and making the... read more
03Jul
SnakeYAML, Go & WebAssembly – Ophiuchi @ HackTheBox
We are going to solve Ophiuchi a 30-point machine on HackTheBox that involves a YAML parser vulnerability and a custom... read more