Tag: linux

0

Blunder - Write-up - HackTheBox

Information Box# Name: Blunder Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# Install tools used in this WU on BlackArch Linux: 1$ pacman -S nmap ffuf exploitdb

0

Setup a NTP client on ArchLinux

There are at least 4 NTP clients available on ArchLinux: systemd-timesyncd ntpd chrony openntpd We'll see how to configure systemd-timesyncd, the most handy of the four. Configuration# Create a dire

0

Cache - Write-up - HackTheBox

Information Box# Name: Cache Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up Overview# Install tools used in this WU on BlackArch Linux: 1$ pacman -S nmap lynx ffuf expl

0

Admirer - Write-up - HackTheBox

Information Box# Name: Admirer Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# TL;DR: CTF-like box with a bit of code review for initial access (PHP) and EoP (py

0

Travel - Write-up - HackTheBox

Information Box# Name: Travel Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up Overview# TL;DR: Tricky RCE exploiting PHP deserialization through memcache over gopher. Then

0

tmux - Write-up - TryHackMe

Information Room# Name: tmux Profile: tryhackme.com Difficulty: Easy Description: Part of the Red Primer series, learn to use tmux! Write-up Overview# Install tools used in this WU on BlackArch Lin

0

Magic - Write-up - HackTheBox

Information Box# Name: Magic Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up Overview# TL;DR: SQLi, webshell upload with bypass, EoP via SUID tool using unsecured PATH.

0

Traceback - Write-up - HackTheBox

Information Box# Name: Traceback Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# TL;DR: finding & abusing a PHP webshell to get system access, then EoP to an

0

Fatty - Write-up - HackTheBox

Information Box# Name: Fatty Profile: www.hackthebox.eu Difficulty: Insane OS: Linux Points: 50 Write-up Overview# TL;DR: Java code review, bytecode JAR modification; exploit deserialization. Insta

0

Oouch - Write-up - HackTheBox

Information# Box# Name: Oouch Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: The 1st part is a lot about oAuth and the EoP part about DBus and UWSGI. In