Oouch - Write-up - HackTheBox
Information# Box# Name: Oouch Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: The 1st part is a lot about oAuth and the EoP part about DBus and UWSGI. In
Information# Box# Name: Oouch Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: The 1st part is a lot about oAuth and the EoP part about DBus and UWSGI. In
Information# Box# Name: Cascade Profile: www.hackthebox.eu Difficulty: Medium OS: Windows Points: 30 Write-up# Overview# TL;DR: SMB enum users LDAP enum object properties SMB enum shares AD Recycl
Information# Box# Name: Book Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up# Overview# TL;DR: SQL truncation -> admin accounts SSRF -> XSS -> file disclosure
Information# Box# Name: ForwardSlash Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: There is a web application with a parameter vulnerable to file discl
Everyone encountered at least once a form that ask you to confirm your password or email address to check you didn't make some mistake when re-typing it. But it's not rare at all to have those websi
Information# Box# Name: ServMon Profile: www.hackthebox.eu Difficulty: Easy OS: Windows Points: 20 Write-up# Overview# TL;DR: We have to find some hints in a FTP, finds creds through a Path Travers
Information# Box# Name: Monteverde Profile: www.hackthebox.eu Difficulty: Medium OS: Windows Points: 30 Write-up# Overview# Network enumeration: SMB enumeration Network reconnaissance: SMB share &
Information# Box# Name: Nest Profile: www.hackthebox.eu Difficulty: Easy OS: Windows Points: 20 Write-up# Overview# Network Enumeration: finding TempUser: port 445 (SMB), 4386, explore SMB shares
Information# Box# Name: Resolute Profile: www.hackthebox.eu Difficulty: Medium OS: Windows Points: 30 Write-up# Overview# Network Enumeration: SMB, WinRM Network service exploitation: cme CMB pass
Intro# When doing penetration testing using a black box approach, you may find a SQL injection (SLQi) by fuzzing with common payloads. Except if there is a verbose error disclosing the original SQL qu