Blog

Hack the Box

Certain hashes might not be up to date as I have just implemented this feature as requested by Hack the Box. If anyone is having issues with hashes Contact Here.

HTB Assistance

HTB – Compromised

Christopher Soehnlein2021-01-23T23:49:01-05:00January 23rd, 2021|Categories: HTB, Technology|Tags: Compromised, disabled_functions, Ghidra, HTB, LiteCart, MySQL, PHP, phpinfo()|

Compromised from HTB is an incident response type box in which a Linux environment and eCommerce solution, LiteCart have been exploited.

HTB – Unbalanced

Christopher Soehnlein2021-01-18T11:55:47-05:00January 17th, 2021|Categories: HTB, Technology|Tags: EncFS, HTB, Pi-Hole, RSync, SQL, squid, Unbalanced|

Unbalanced is a (really) Hard CTF style box from HTB. It features a squid web proxy, some EncFS encrypted data, and a privilege escalation through Pi-Hole.

HTB – Blackfield

Christopher Soehnlein2020-10-10T10:39:40-05:00October 3rd, 2020|Categories: HTB, Technology|Tags: Blackfield, CrackMapExec, Evil-WinRM, HTB, john, Seatbelt, SeBackupPrivilege, smbmap, Windows|

Today in Blackfield from HTB I explore a real-world example of a Windows Server when an account used for a specific task is not removed after.

HTB – Laboratory

Christopher Soehnlein2021-04-27T11:22:55-05:00April 27th, 2021|Categories: HTB, Technology|Tags: GitLab, HTB, Laboratory, PATH Abuse, pspy|

Laboratory is a Easy Apache web-server box with an exploitable version of GitLab from HTB and created by oxc45.

HTB – Worker

Christopher Soehnlein2021-01-31T11:24:36-05:00January 30th, 2021|Categories: HTB, Technology|Tags: Azure, DevOps, Evil-WinRM, HTB, svn, Windows, Worker|

Today I go through Worker by Hack the Box a medium level machine that focuses mainly on Azure DevOps on IIS. I highly recommend this box.

HTB – Ready

Christopher Soehnlein2021-02-18T14:58:37-05:00January 27th, 2021|Categories: HTB, Technology|Tags: docker, GitLab, GitLab 11.4.7, HTB, Ready|

Ready is a Medium 'CTF' style box from HTB and created by bertolis. It showcases problems in GitLab community edition and escaping docker vms.

HTB – Tenet

Christopher Soehnlein2021-01-21T14:59:32-05:00January 21st, 2021|Categories: HTB, Technology|Tags: HTB, Object Injection, PHP, Tenet, WordPress|

Delivery is a Medium Apache web-server box running WordPress with a unserialize PHP exploit from Hack the Box and created by egotisticalSW.

HTB – Delivery

Christopher Soehnlein2021-01-21T14:45:30-05:00January 19th, 2021|Categories: HTB, Technology|Tags: Delivery, hashcat, HTB, MatterMost, Mentalist|

Delivery is a Easy 'Real World' style box from HTB and created by IPPSEC. It showcases problems in Help-desk systems and password reuse.

HTB – SneakyMailer

Christopher Soehnlein2021-01-18T11:56:08-05:00January 17th, 2021|Categories: HTB, Technology|Tags: GoBuster, hashcat, phishing, pip, PyPI, swaks, URL encoded|

SneakyMailer is a Medium CTF style box from HTB. It features a phishing lite approach of an intranet platform. Once we get creds we use pypiserver to escalate.

HTB – Omni

Christopher Soehnlein2021-01-18T11:56:04-05:00January 17th, 2021|Categories: HTB, Technology|Tags: Core, HTB, IoT, SirepRAT, Windows|

Omni from HTB is an Easy 'real world' box where we exploit vulnerabilities in the Windows IoT Core platform through the use of SirepRAT.

HTB – BUFF

Christopher Soehnlein2021-01-18T11:55:55-05:00January 17th, 2021|Categories: HTB, Technology|Tags: BUFF, Buffer Overflow, MSFVenom, Pivot, Plink|

I workout my brain in this easy machine from Hack the Box called BUFF. I explore light buffer overflows and pivoting.

HTB – OpenKeyS

Christopher Soehnlein2021-01-18T11:55:42-05:00January 17th, 2021|Categories: HTB, Technology|Tags: -schallenge:passwd, CVE-2019-19520, HTB, OpenBSD, OpenKeyS|

OpenKeyS from HTB is an Easy, labeled Medium box based on a fictitious SSH sharing platform and the OpenBSD Authentication Bypass (CVE-2019-19521).

HTB – Fuse

Christopher Soehnlein2020-11-01T10:36:13-05:00November 1st, 2020|Categories: HTB, Technology|Tags: Capcom.sys, CME, CrackMapExec, Evil-WinRM, Fuse, HTB, rpcclient, seloaddriverprivilege|

Fuse from HTB is a Medium Windows vulnerability assessment based box in which you build a brute-force list Papercut and escalate with seloaddriverprivilege.

12 Next

Subscribe To Receive My Latest Thoughts

If you like what you’ve read why not subscribe and get updated when a new post goes live?

We promise to only send relevant Blog related emails.

IslandDog Thoughts

Hack the Box

Subscribe To Receive My Latest Thoughts