JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
31Jul
Related Posts
27Mar
Luanne @ HackTheBox
Solving Luanne on HackTheBox. This is an easy 20-point machine involving a simple command injection and some password cracking. read more
02Mar
Access @ HackTheBox
In this short writeup I will show how I completed Access on hackthebox.eu, a quite easy windows box that involves... read more
11Jul
Book @ HackTheBox
Book is a 30-point Linux machine on HackTheBox. We log into a web application by exploiting SQL truncation and then... read more
18Apr
Mango @ HackTheBox
Mango is a 30-point linux machine on hackthebox that involves a NoSQL-Injection which allows to obtain user passwords from a... read more
09May
Obscurity @ HackTheBox
Obscurity is a 30-point Linux machine on HackTheBox that involves exploiting a command injection in a custom webserver, breaking a... read more
04Jul
ForwardSlash @ HackTheBox
ForwardSlash is a 40-point Linux Machine on HackTheBox. We use a path traversal vulnerability to get ssh credentials and abuse... read more
16May
SwagShop @ HackTheBox
SwagShop is a very easy machine on hackthebox, involving a public exploit and sudo abuse. read more
15Feb
Json @ HackTheBox
Json is a 30-point system on HackTheBox that involves exploiting a .NET deserialization vulnerability and has multiple ways for privilege... read more
16Jan
Lab – Rainbow Walkthrough
Rainbow is a medium difficulty machine that involves a SEH-based buffer overflow for user and a UAC bypass for root. read more
23Mar
Frolic @ HackTheBox
Frolic is a medium difficulty machine on hackthebox.eu, featuring a lot of CTF-ish language conversions, the usage of a public... read more