Tag: htb

2020
writeups
πŸ‡¬πŸ‡§

Travel - Write-up - HackTheBox

Information Box# Name: Travel Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up Overview# TL;DR: Tricky RCE exploiting PHP deserialization through memcache over gopher. Then

writeups
πŸ‡¬πŸ‡§

Remote - Write-up - HackTheBox

Information Box# Name: Remote Profile: www.hackthebox.eu Difficulty: Easy OS: Windows Points: 20 Write-up Overview# TL;DR: exploiting Umbraco CMS RCE & EoP through a Windows service. Install to

writeups
πŸ‡¬πŸ‡§

Magic - Write-up - HackTheBox

Information Box# Name: Magic Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up Overview# TL;DR: SQLi, webshell upload with bypass, EoP via SUID tool using unsecured PATH.

writeups
πŸ‡¬πŸ‡§

Traceback - Write-up - HackTheBox

Information Box# Name: Traceback Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# TL;DR: finding & abusing a PHP webshell to get system access, then EoP to an

writeups
πŸ‡¬πŸ‡§

Fatty - Write-up - HackTheBox

Information Box# Name: Fatty Profile: www.hackthebox.eu Difficulty: Insane OS: Linux Points: 50 Write-up Overview# TL;DR: Java code review, bytecode JAR modification; exploit deserialization. Insta

writeups
πŸ‡¬πŸ‡§

Oouch - Write-up - HackTheBox

Information# Box# Name: Oouch Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: The 1st part is a lot about oAuth and the EoP part about DBus and UWSGI. In

writeups
πŸ‡¬πŸ‡§

Cascade - Write-up - HackTheBox

Information# Box# Name: Cascade Profile: www.hackthebox.eu Difficulty: Medium OS: Windows Points: 30 Write-up# Overview# TL;DR: SMB enum users LDAP enum object properties SMB enum shares AD Recycl

writeups
πŸ‡¬πŸ‡§

Book - Write-up - HackTheBox

Information# Box# Name: Book Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up# Overview# TL;DR: SQL truncation -> admin accounts SSRF -> XSS -> file disclosure

writeups
πŸ‡¬πŸ‡§

ForwardSlash - Write-up - HackTheBox

Information# Box# Name: ForwardSlash Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: There is a web application with a parameter vulnerable to file discl

writeups
πŸ‡¬πŸ‡§

ServMon - Write-up - HackTheBox

Information# Box# Name: ServMon Profile: www.hackthebox.eu Difficulty: Easy OS: Windows Points: 20 Write-up# Overview# TL;DR: We have to find some hints in a FTP, finds creds through a Path Travers

Posts
Billing - Write-up - TryHackMe

Information Room# Name: Billing Profile: tryhackme.com Difficulty: Easy Description: Some mistakes can be costly. Write-up Overview# Install tools use

Bypass Disable Functions - Write-up - TryHackMe

Information Room# Name: Bypass Disable Functions Profile: tryhackme.com Difficulty: Info Description: Practice bypassing disabled dangerous features t

Disqus: End of Discussion

Introduction: the error of not choosing# Disqus is one of the major third-party commenting and discussion system. However, I never really chose to use

BreizhCTF 2k25 - Write-ups

Information# CTF# Nom : BreizhCTF 2k25 Site web : www.breizhctf.com Type : Sur site β€” France β€” Rennes Format : Jeopardy Web - CurlMania# Vous n'avez q

Service Hacktion - Notes attachΓ©es au balado S01E11 - Panorama de la sΓ©curitΓ© de Github Action

Saison Épisode 1 11 Spotify Deezer Youtube Youtube Music Amazon Music Apple Podcast Podcast Index podCloud Podchaser podtail Podcasts Français Vodio S

Pages
HTTP Error 404 - Not Found

β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•— β–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•— β–ˆβ–ˆβ•— β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ•‘ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β•β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ

Authors
Categories
Domains

Official domain names of Rawsec services. The blog: URL Description https://blog.raw.pm/ Main domain hxxps://rawsec[.]ml/ Backup domain, taken over hx

Tags
Categories
writeupswriteups
miscmisc
securitysecurity
linuxlinux
archlinuxlinux/archlinux
Tags
securitysecurity
fail2banfail2ban
webweb
phpphp
writeupswriteups