2020

writeups

Saturday 14 November 2020 (2020-11-14)

🇬🇧

Ignite - Write-up - TryHackMe

Information Room# Name: Ignite Profile: tryhackme.com Difficulty: Easy Description: A new start-up has a few issues with their web server. Write-up Overview# Install tools used in this WU on BlackA

writeups

Saturday 7 November 2020 (2020-11-07)

🇬🇧

Tabby - Write-up - HackTheBox

Information Box# Name: Tabby Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# Install tools used in this WU on BlackArch Linux: $ pacman -S nmap ffuf curl metaspl

writeups

Saturday 24 October 2020 (2020-10-24)

🇬🇧

Dyplesher - Write-up - HackTheBox

Information Box# Name: Dyplesher Profile: www.hackthebox.eu Difficulty: Insane OS: Linux Points: 50 Write-up Overview# Install tools used in this WU on BlackArch Linux: $ pacman -S nmap ffuf gittoo

writeups

Saturday 17 October 2020 (2020-10-17)

🇬🇧

Blunder - Write-up - HackTheBox

Information Box# Name: Blunder Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# Install tools used in this WU on BlackArch Linux: $ pacman -S nmap ffuf exploitdb

writeups

Saturday 26 September 2020 (2020-09-26)

🇬🇧

Admirer - Write-up - HackTheBox

Information Box# Name: Admirer Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# TL;DR: CTF-like box with a bit of code review for initial access (PHP) and EoP (py

writeups

Tuesday 15 September 2020 (2020-09-15)

🇬🇧

Travel - Write-up - HackTheBox

Information Box# Name: Travel Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up Overview# TL;DR: Tricky RCE exploiting PHP deserialization through memcache over gopher. Then

writeups

Friday 21 August 2020 (2020-08-21)

🇬🇧

Magic - Write-up - HackTheBox

Information Box# Name: Magic Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up Overview# TL;DR: SQLi, webshell upload with bypass, EoP via SUID tool using unsecured PATH.

writeups

Saturday 15 August 2020 (2020-08-15)

🇬🇧

Traceback - Write-up - HackTheBox

Information Box# Name: Traceback Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# TL;DR: finding & abusing a PHP webshell to get system access, then EoP to an

2019

writeups

Wednesday 22 May 2019 (2019-05-22)

🇬🇧

ECSC 2019 Quals Team France - noraj

Information# CTF# Name : ECSC 2019 Quals Team France Website : www.ecsc-teamfrance.fr Type : Online Format : Jeopardy (individual) This is more my thoughts proceedings, than a concise write-up. 124

writeups

Saturday 6 April 2019 (2019-04-06)

🇬🇧

HackLab ESGI Security Day 7th Edition - Write-ups

Information# CTF# Name : ESGI Security Day 7th Edition Website : ctf.hacklab-esgi.org Type : Online/On-site Format : Jeopardy 100 - Rookie - Web# (▀̿Ĺ̯▀̿ ̿) M0th3r >Hey bah quoi ? Tu t’attendais

Tag: php