HackTheBox: Cereal
This box is rated hard difficulty on HTB. It involves us finding a subdomain with an exposed code repository, leading us to forge a valid JWT with a secret k...
This box is rated hard difficulty on HTB. It involves us finding a subdomain with an exposed code repository, leading us to forge a valid JWT with a secret k...
This box is rated insane difficulty on HTB. It involves us performing unauthenticated Kerberoasting via AS-REP Roasting and cracking the hash in order to get...
This box is rated hard difficulty on HTB. It involves us registering an account on a website where we can reset our password in order to bypass an activation...
This box is rated hard difficulty on HTB. It involves us grabbing password hashes from a website vulnerable to Time-Based SQL injection, letting us login. Us...
This box is rated hard difficulty on HTB. It involves us discovering a path traversal vulnerability in Splunk that lets us grab an encrypted LDAP bind passwo...
This box is rated medium difficulty on HTB. It involves us discovering a LUKS encrypted backup image on a non-standard SMB share that gives us access to the ...
This box is rated insane difficulty on HTB. It involves us creating a username wordlist via image metadata pulled from a website which is used to AS-REP Roas...
This box is rated hard difficulty on HTB. It involves us discovering a private key and certificate in an NFS export that can be used to get a user’s NTLM has...
This box is rated insane difficulty on HTB. It involves us discovering a search function on the website that is prone to SQL injection, which requires encodi...
This box is rated hard difficulty on HTB. It involves us finding a login page which is vulnerable to SQL injection, allowing us to dump the users table to ge...