Blog

Hack the Box – Password Hashes

Certain hashes might not be up to date as I have just implemented this feature as requested by Hack the Box. Send a screenshot of a root or comment on a blog post in the interim.

HTB – Doctor

Christopher Soehnlein2020-09-28T17:14:34-05:00September 28th, 2020|Categories: HTB, Technology|Tags: Doctor, HTB, Splunk, SSTI|

Doctor from HTB is an Easy CTF style box featuring Server Side Template Injection( SSTI) and some privilege escalation via Splunk.

HTB – Admirer

Christopher Soehnlein2020-09-26T10:26:08-05:00September 26th, 2020|Categories: HTB, Technology|Tags: Adminer, Admirer, DirBuster, HTB, Python, Shutil|

Admirer taught me the basics to dirb and using proper Word Lists. It also taught me that I am really bad at creating my own MySQL database (even for testing).

HTB – Compromised

Christopher Soehnlein2020-09-25T14:50:06-05:00September 17th, 2020|Categories: HTB, Technology|Tags: Compromised, disabled_functions, Ghidra, HTB, LiteCart, MySQL, PHP, phpinfo()|

Compromised from HTB is an incident response type box in which a Linux environment and eCommerce solution, LiteCart have been exploited.

HTB – Blackfield

Christopher Soehnlein2020-09-25T15:04:02-05:00September 15th, 2020|Categories: HTB, Technology|Tags: Blackfield, CrackMapExec, Evil-WinRM, HTB, john, Seatbelt, SeBackupPrivilege, smbmap, Windows|

Today in Blackfield from HTB I explore a real-world example of a Windows Server when an account used for a specific task is not removed after.

HTB – Passage

Christopher Soehnlein2020-09-25T15:09:10-05:00September 14th, 2020|Categories: HTB, Technology|Tags: CuteNews, HTB, Passage, Sha256, USBCreator, WSO|

Passage from HTB features a escalation using CuteNews and USBCreator as well as some base64/sha256 encrypted data.

HTB – Cache

Christopher Soehnlein2020-09-25T15:22:27-05:00August 20th, 2020|Categories: HTB, Technology|Tags: Cache, docker, HTB, Memcache, OperEMR, WSO|

Cache from Hack the Box (HTB) explores exploits available for the OpenEMR System. Once we get on the system we used Memcache to escalate.

HTB – Worker

Christopher Soehnlein2020-09-24T11:22:36-05:00August 18th, 2020|Categories: HTB, Technology|Tags: Azure, DevOps, Evil-WinRM, HTB, svn, Windows, Worker|

Today I go through Worker by Hack the Box a medium level machine that focuses mainly on Azure DevOps on IIS. I highly recommend this box.

HTB – Magic

Christopher Soehnlein2020-09-24T11:44:42-05:00August 17th, 2020|Categories: HTB, Technology|Tags: Exiftool, HTB, Magic, MySQLDump, pspy, SQL|

Today I run through Magic by Hack the Box. This guide has me using SQL Authentication Bypasses, ExifTool, MySQLDump and pspy.

HTB – BUFF

Christopher Soehnlein2020-09-25T15:55:52-05:00August 13th, 2020|Categories: HTB, Technology|Tags: BUFF, Buffer Overflow, MSFVenom, Pivot, Plink|

I workout my brain in this easy machine from Hack the Box called BUFF. I explore light buffer overflows and pivoting.

Load More Posts

Subscribe To Receive My Latest Thoughts

If you like what you’ve read why not subscribe and get updated when a new post goes live?

We promise to only send relevant Blog related emails.

IslandDog Thoughts