HackTheBox Postman Write-up

Postman was an easy-going box. It required careful enumeration and beyond that did not have too much resistance in privilege escalation. This makes it a prime example for real-world M&M security where the initial foothold is hard, but there is few resistance on the inside. Let’s start out by scanning the machine: There are a few interesting things here already. We have a webserver running … Continue reading HackTheBox Postman Write-up

HackTheBox Obscurity Write-up

Obscurity is a medium-difficulty box. It was super fun to solve because it involved great excuses for me to write some neat little helper scripts and find a vulnerability in Python code. Something you don’t do too often in these challenges. Let’s dive right in with a nmap scan: Checking port 8080 on the server, we find the following text: Challenge accepted. The developer message … Continue reading HackTheBox Obscurity Write-up

HackTheBox OpenAdmin Write-up

OpenAdmin is yet another medium-difficulty machine, which was a blast to hack on! It involved dealing with various stack components, such as interacting directly with a MySQL database. Furthermore, hopping across multiple users through different escalation vectors was very satisfying. Let’s see how it is done! Our first nmap scan does not yield any exciting results: On port 80, we see the default Ubuntu Apache … Continue reading HackTheBox OpenAdmin Write-up

HackTheBox Traverxec Write-up

Traverxec is an interesting box, mainly because the HackTheBox team rated it as easy while the community disagreed and voted it to medium difficulty. It involved a funky privilege escalation that I had not seen before. Let’s see how it’s done! Our first nmap scan does not return exciting results: On port 80, we see a portfolio website. Nothing exciting seems to be hidden here. … Continue reading HackTheBox Traverxec Write-up

HackTheBox fs0sciety Write-up

fs0ciety is yet another low-hanging fruit among the HackTheBox challenges. It’s great for beginners who want to test their process for cracking password-protected zip files and recognition of various encodings. For that, we will use fcrackzip – simply for the reason that it has been around for ages and ships with Kali by default. I have sourced my wordlist from here. Let’s fire up the … Continue reading HackTheBox fs0sciety Write-up

HackTheBox 0ld_is_g0ld Write-up

0ld_is_g0ld is a HackTheBox challenge and a great way for beginners to familiarize themselves with PDF password cracking. If you have used Hashcat before, it’s an easy win. Verifying we indeed are targeting the correct file format: We can extract the hash using the pdf2hashcat.py util script: Now all that’s left is run hashcat with a (large) wordlist against the hash file and with a … Continue reading HackTheBox 0ld_is_g0ld Write-up