HackTheBox fs0sciety Write-up

fs0ciety is yet another low-hanging fruit among the HackTheBox challenges. It’s great for beginners who want to test their process for cracking password-protected zip files and recognition of various encodings. For that, we will use fcrackzip – simply for the reason that it has been around for ages and ships with Kali by default. I have sourced my wordlist from here. Let’s fire up the … Continue reading HackTheBox fs0sciety Write-up

HackTheBox 0ld_is_g0ld Write-up

0ld_is_g0ld is a HackTheBox challenge and a great way for beginners to familiarize themselves with PDF password cracking. If you have used Hashcat before, it’s an easy win. Verifying we indeed are targeting the correct file format: We can extract the hash using the pdf2hashcat.py util script: Now all that’s left is run hashcat with a (large) wordlist against the hash file and with a … Continue reading HackTheBox 0ld_is_g0ld Write-up

HackTheBox Sense Write-up

Sense was a HackTheBox machine that really tested my patience during the enumeration phase. It is a box designed around the popular pfSense firewall. Let’s dive in! Firstly, we start our usual standard nmap scan: Checking out port 80 with the browser automatically redirects us to HTTPS on port 443. We also have an information leak about the server technology in the responses, but that … Continue reading HackTheBox Sense Write-up