HTB – Backdoor
Backdoor from HTB features a WordPress environment with an LFI. We use the LFI to find gdbserver which we exploit. Finally we use screen, which runs as root.
HTB – Shibboleth
Shibboleth from HTB features an exploitable IPMI open on UDP and Zabbix actions for a reverse shell. Once on the box we exploit a vulnerable MariaDB for root.
HTB – Bolt
Bolt from HTB features a website information leakage, subdomains and an SSTI. Once on the box we decrypt a PGP key and encrypted mail for root.
HTB – Horizontall
Horizontall features a hidden vhost with an exploitable strapi. Once on the box we exploit a vulnerable laravel using an SSH port forward.
HTB – Forge
Forge by NoobHacker9999 features a directory traversal/LFI exploitable website and hidden vhost. Once on the box you use python debugger on a script for root.
HTB – Previse
Previse from HTB features an exploitable website with POST request registration and a unsanitized parameter. On the box you use PATH injection on a script to get root.
HTB – Writer
Writer from HTB features a website with a weak login and a code executable uploader. Once on the box we exploit postfix and apt allowing us to get root.
HTB – Pikaboo
Pikaboo is a Hard box created by pwnmeow and polarbearer. It features poorly configured web server vulnerable to an LFI and log poisoning technique.
Steam Phishing Attempt – United Pro Battle
Exploring the United Pro Battle phishing attempt through Steam using fake Steam sign-in JavaScript based popup.
HTB – Intelligence
Intelligence is an Medium Windows box created by Micah. It features a website with discoverable internal documents, password reuse and a DNS rebinding scenario.
HTB – BountyHunter
BountyHunter is an Easy box by ejedev. It has a poorly configured XML form vulnerable to an XXE/LFI which gives us creds. Next we exploit a script for root.
HTB – Seal
Seal is an Medium box created by MrR3boot. It features a web server with an exploitable Tomcat and nginx traversal. Once on the box we use ansible to escalate.