DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
Player is a hard box, that we solved in unintended ways that are partly patched now. read more
We are going to solve Delivery, a 20-point machine on HackTheBox. For user, we will bypass email verification on a... read more
This short write-up is about Irked, a rather easy machine on hackthebox featuring an irc backdoor, some steganography and a... read more
Video & additional notes for Resourced, an intermediate difficulty Windows machine on PG-Practice that involves password spraying and an RBCD... read more
This is a short walkthrough on Lustrous, a chain consisting of 2 machines on vulnlab. read more
Fortune is a 50 point machine on hackthebox.eu featuring OpenBSD. I was lucky enough to get first blood on this... read more
Solving Crossfit, a 50-point Linux machine on HackTheBox which involves a lot of cross-site scripting, a command-injection, and finally some... read more
In this short writeup I will show how I completed Access on hackthebox.eu, a quite easy windows box that involves... read more
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an... read more