HackTheBox OpenAdmin Write-up

OpenAdmin is yet another medium-difficulty machine, which was a blast to hack on! It involved dealing with various stack components, such as interacting directly with a MySQL database. Furthermore, hopping across multiple users through different escalation vectors was very satisfying. Let’s see how it is done! Our first nmap scan does not yield any exciting results: On port 80, we see the default Ubuntu Apache … Continue reading HackTheBox OpenAdmin Write-up

HackTheBox Traverxec Write-up

Traverxec is an interesting box, mainly because the HackTheBox team rated it as easy while the community disagreed and voted it to medium difficulty. It involved a funky privilege escalation that I had not seen before. Let’s see how it’s done! Our first nmap scan does not return exciting results: On port 80, we see a portfolio website. Nothing exciting seems to be hidden here. … Continue reading HackTheBox Traverxec Write-up

HackTheBox fs0sciety Write-up

fs0ciety is yet another low-hanging fruit among the HackTheBox challenges. It’s great for beginners who want to test their process for cracking password-protected zip files and recognition of various encodings. For that, we will use fcrackzip – simply for the reason that it has been around for ages and ships with Kali by default. I have sourced my wordlist from here. Let’s fire up the … Continue reading HackTheBox fs0sciety Write-up