Posts by Tag

CTF

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Hack The Box - Chatterbox

5 minute read

Chatterbox was a reasonably simple machine which required exploiting a vulnerable ‘Achat’ service with custom shellcode, and then migrating to a more stable ...

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Hack The Box - Blue

26 minute read

Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...

Back to top ↑

Technical

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Hack The Box - Chatterbox

5 minute read

Chatterbox was a reasonably simple machine which required exploiting a vulnerable ‘Achat’ service with custom shellcode, and then migrating to a more stable ...

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Hack The Box - Blue

26 minute read

Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...

Back to top ↑

HTB

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Hack The Box - Chatterbox

5 minute read

Chatterbox was a reasonably simple machine which required exploiting a vulnerable ‘Achat’ service with custom shellcode, and then migrating to a more stable ...

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Hack The Box - Blue

26 minute read

Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...

Back to top ↑

Nmap

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Hack The Box - Chatterbox

5 minute read

Chatterbox was a reasonably simple machine which required exploiting a vulnerable ‘Achat’ service with custom shellcode, and then migrating to a more stable ...

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Hack The Box - Blue

26 minute read

Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...

Back to top ↑

Gobuster

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Back to top ↑

SMB

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Hack The Box - Blue

26 minute read

Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...

Back to top ↑

Python

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Back to top ↑

FTP

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Curl

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Back to top ↑

Forensics

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

MSFVenom

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Hack The Box - Chatterbox

5 minute read

Chatterbox was a reasonably simple machine which required exploiting a vulnerable ‘Achat’ service with custom shellcode, and then migrating to a more stable ...

Back to top ↑

Apache

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Back to top ↑

SSH

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Back to top ↑

Git

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Back to top ↑

Readpst

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Metasploit

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Smbclient

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Back to top ↑

Hashcat

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Back to top ↑

Base64

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Back to top ↑

SUID

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Back to top ↑

Searchsploit

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Back to top ↑

SQL

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Back to top ↑

Powershell

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Back to top ↑

DFIR

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

MS17-010

Hack The Box - Blue

26 minute read

Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...

Back to top ↑

EternalBlue

Hack The Box - Blue

26 minute read

Blue is definitely one of the shortest boxes in Hack The Box history. As the name suggests all that was required to fully compromise this machine was MS17-01...

Back to top ↑

Netcat

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Back to top ↑

PHPBash

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Back to top ↑

Sudo

Hack The Box - Bashed

3 minute read

Bashed was an extremely simple box demonstrating some of the most basic techniques for spawning reverse shells and elevating privileges. It is a great beginn...

Back to top ↑

Jenkins

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

Groovy

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

Snapshot

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

KeePass

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

PTH

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

RelayHash

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

ADS

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

Pth-winexe

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

JTR

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

John

Hack The Box - Jeeves

5 minute read

Jeeves showed us that an unauthenticated Jenkins server can easily lead to a reverse shell through Groovy Script even if the web-directory is unknown. It hig...

Back to top ↑

Achat

Hack The Box - Chatterbox

5 minute read

Chatterbox was a reasonably simple machine which required exploiting a vulnerable ‘Achat’ service with custom shellcode, and then migrating to a more stable ...

Back to top ↑

Icacls

Hack The Box - Chatterbox

5 minute read

Chatterbox was a reasonably simple machine which required exploiting a vulnerable ‘Achat’ service with custom shellcode, and then migrating to a more stable ...

Back to top ↑

SMTP

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Back to top ↑

James

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Back to top ↑

Cron

Hack The Box - Solidstate

5 minute read

This machine contained a fairly straightforward SMTP vulnerability which didn’t even need to be exploited to fully compromise the machine. It is an essential...

Back to top ↑

XXE

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Back to top ↑

XML

Hack The Box - Dev0ops

8 minute read

Dev0ops highlighted issues with weakly configured XML parsers which lead to an XXE vulnerability, and developer error which lead to SSH keys in commit revisi...

Back to top ↑

Java

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Back to top ↑

Tomcat

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Back to top ↑

JSP

Hack The Box - Jerry

2 minute read

Jerry would have to be one of the easiest machines I’ve ever compromised on Hack The Box. This involved using legitimate credentials to log onto an Apache To...

Back to top ↑

Msfvenom

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Certutil

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Runas

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Cmdkey

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Mdbtools

Hack The Box - Access

6 minute read

This machine was fairly basic but still provided some useful reminders and tools which can be utilised to export pst file contents on Linux, natively transfe...

Back to top ↑

Enum4linux

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Back to top ↑

Cpassword

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Back to top ↑

gpp-decrypt

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Back to top ↑

GetUserSPNs

Hack The Box - Active

3 minute read

This machine was fairly straight forward and mimicked something you’d unfortunately expect to see even today in a typical penetration test. All in all it’s a...

Back to top ↑

Node.js

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Back to top ↑

GraphQL

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Back to top ↑

HelpDeskZ

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Back to top ↑

GCC

Hack The Box - Help

5 minute read

Help was an interesting machine which appeared to have multiple ways of gaining access and elevating privileges. In the end it contained elements of graphql,...

Back to top ↑

Xxd

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Back to top ↑

Bzip

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Back to top ↑

Pspy

Hack The Box - Curling

3 minute read

This machine had some CTF elements to it, but overall wasn’t that difficult to complete through proper enumeration. It highlights some issues which may be pr...

Back to top ↑

BGP

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Back to top ↑

SNMP

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Back to top ↑

Injection

Hack The Box - Carrier

9 minute read

This machine had some interesting elements to it and really made you think outside of the box. It incorporated a number of elements which you wouldn’t typica...

Back to top ↑

Zabbix

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Back to top ↑

Jsonrpc

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Back to top ↑

Strings

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Back to top ↑

Perl

Hack The Box - Zipper

8 minute read

This machine took a bit of thinking outside of the box so it was a bit of a nice challenge and involved exploiting both custom binaries and legitimate servic...

Back to top ↑

Burpsuite

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Back to top ↑

LFI

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Back to top ↑

Webapp

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Back to top ↑

Tac

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Back to top ↑

Getcap

Hack The Box - Waldo

5 minute read

This machine was interesting, starting with directory traversal and LFI vulnerabilities, it then exploits a feature not commonly known which is supposed to b...

Back to top ↑

PKI

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Back to top ↑

Masscan

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Back to top ↑

Crackmapexec

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Back to top ↑

Puttygen

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Back to top ↑

Doas

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Back to top ↑

SSH-Keygen

Hack The Box - Ypuffy

5 minute read

This machine was quite interesting, and contained a privilege escalation method I’d not seen mentioned elsewhere. Luckily this was confined to the challenge,...

Back to top ↑

Steghide

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Back to top ↑

TTY

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Back to top ↑

Chmod

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Back to top ↑

Stego

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Back to top ↑

IRC

Hack The Box - Irked

6 minute read

This machine highlighted a few issues such as supply chain compromise, the ease of hiding information using steganography, and how easily a vulnerable binary...

Back to top ↑

HHC

Back to top ↑

Kringlecon

Back to top ↑

SANS

Back to top ↑

CounterHack

Back to top ↑

Vim

Back to top ↑

SQLite3

Back to top ↑

DB

Back to top ↑

DeBruijn

Back to top ↑

Trufflehog

Back to top ↑

Bloodhound

Back to top ↑

EvtxDump

Back to top ↑

Sed

Back to top ↑

DDE

Back to top ↑

Http2

Back to top ↑

SSL

Back to top ↑

Pcap

Back to top ↑

Sniffing

Back to top ↑

Snort

Back to top ↑

Gdb

Back to top ↑

DNS

Back to top ↑

Reversing

Back to top ↑

Cryptography

Back to top ↑

PlaintextPasswords

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Back to top ↑

PRTG

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Back to top ↑

Config

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Back to top ↑

Grep

Hack The Box - Netmon

6 minute read

Netmon was a very simple box which highlighted issues with open FTP servers, plaintext configuration files, common password conventions, and blindly trusting...

Back to top ↑

Impacket

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Back to top ↑

Macro

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Back to top ↑

olevba

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Back to top ↑

Responder

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Back to top ↑

Powersploit

Hack The Box - Querier

9 minute read

Querier is true to its name, requiring exploitation of common SQL vulnerabilities whilst combining elements of combing through macros, insecure SMB shares, h...

Back to top ↑

PMA

Practical Malware Analysis - Lab Write-up

8 minute read

This details reverse engineering activities and answers for labs contained in the book ‘Practical Malware Analysis’ by Michael Sikorski and Andrew Honig, whi...

Back to top ↑

Malware

Practical Malware Analysis - Lab Write-up

8 minute read

This details reverse engineering activities and answers for labs contained in the book ‘Practical Malware Analysis’ by Michael Sikorski and Andrew Honig, whi...

Back to top ↑

Analysis

Practical Malware Analysis - Lab Write-up

8 minute read

This details reverse engineering activities and answers for labs contained in the book ‘Practical Malware Analysis’ by Michael Sikorski and Andrew Honig, whi...

Back to top ↑

Practical

Practical Malware Analysis - Lab Write-up

8 minute read

This details reverse engineering activities and answers for labs contained in the book ‘Practical Malware Analysis’ by Michael Sikorski and Andrew Honig, whi...

Back to top ↑

Lab

Practical Malware Analysis - Lab Write-up

8 minute read

This details reverse engineering activities and answers for labs contained in the book ‘Practical Malware Analysis’ by Michael Sikorski and Andrew Honig, whi...

Back to top ↑

Cheatsheet

Back to top ↑

Incident

Back to top ↑

Response

Back to top ↑

IR

Back to top ↑

Defcon

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

FTK Imager

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

Autopsy

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

Live Response

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

CyberChef

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

Volatility

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

Deadbox

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑

HexEdit

2019 Defcon DFIR CTF Write-up

33 minute read

The Unofficial Defcon DFIR CTF comprised of 5 different challenge categories with a total of 82 DFIR related challenges including a Crypto Challenge, Deadbox...

Back to top ↑