HackTheBox-Writeups
HackTheBox-Writeups copied to clipboard
Published
20 hours ago •
f4T1H21
f4T1H21
Hack The Box writeups by Şefik Efe.
Hack The Box Writeups by Şefik Efe
Would you like to give me stars in Hack The Box? Thanks in advance :)
I'll be posting retired boxes' and some challenges' writeups.
You can search keywords and/or topics between writeups using top left corner search bar.
Index Table
My favourite writeup so far: Breadcrumbs
| Box | Writeup | Difficulty | OS | Foothold | Lateral Movement | Privilege Escalation |
|---|---|---|---|---|---|---|
 |
Backdoor | Easy | Linux | /proc enum using Dir traversal & GDB Server Remote Payload Exec | None | Screen cronjob |
 |
Secret | Easy | Linux | JS Code Review & Signing JWT using Bash, OS CMDI, Custom Exploitation | None | C Code Review & Leaking Memory by triggering CoreDumps |
 |
Driver | Easy | Windows | Grab NTLMv2 using SMB path in scf files | None | PrintNightmare (CVE-2021-1675) |
 |
Horizontall | Easy | Linux | Strapi CMS RCE | None | Sudo Heap Based Bof (sudoedit) & Laravel Exploitation (phpggc) |
 |
TheNotebook | Medium | Linux | JWT Auth RS256 | Home backup | Docker Escape Overwriting RunC |
 |
Armageddon | Easy | Linux | Drupalgeddon2 | MySQL | snapd (dirty_sock) |
 |
Breadcrumbs | Hard | Windows | LFI & PHP SESSION & Powershell File Upload | SQLite DB | Reversing & SQLi |
 |
Atom | Medium | Windows | Signature Validation Bypass in electron-updater | None | PortableKanban & redis |
 |
Ophiuchi | Medium | Linux | SnakeYaml Deserialization | None | WebAssembly formats |
 |
Spectra | Easy | Linux | WordPress reverse shell | None | initctl with sudo |
 |
Tentacle | Hard | Linux | CVE-2020-7247 | None | Cronjob abuse & Misconfigured keytab |
 |
Tenet | Medium | Linux | PHP Object Injection | None | Race Condition |
 |
ScriptKiddie | Easy | Linux | Msfvenom Template Injection | None | msfconsole with sudo |
─ Written by f4T1H ─
f4T1H21