Recent Posts

HackTheBox: VulnCicada

10 minute read

This box is rated medium difficulty on HTB. It involves us discovering a password within an image on an NFS share, giving us valid domain credentials. We fin...

HackTheBox: Pov

9 minute read

This box is rated medium difficulty on HTB. It involves us discovering a developer subdomain on a web server that has a file read vulnerability in a download...

HackTheBox: Mailroom

15 minute read

This box is rated hard difficulty on HTB. It involves us chaining Cross-Site Scripting with Cross-Site Request Forgery in order to perform NoSQL injection on...

HackTheBox: CrimeStoppers

10 minute read

This box is rated hard difficulty on HTB. It involves us combining a file upload with an LFI vulnerability to get a reverse shell on the machine as www-data....

HackTheBox: Media

8 minute read

This box is rated medium difficulty on HTB. It involves us exploiting a file upload feature on a website in order to capture a user’s NTLMv2 hash and crack i...

TryHackMe: Crocc Crew

12 minute read

This box is rated insane difficulty on THM and has a general theme of hacking an already compromised Domain Controller to discover the trail left behind by t...

TryHackMe: Enterprise

9 minute read

This box is rated hard difficulty on THM. It involves us discovering an Atlassian BitBucket instance running on a higher HTTP port, leading us to a GitHib re...

HackTheBox: Irked

6 minute read

This box is rated easy difficulty on HTB. It involves us discovering a backdoor vulnerability within an outdated IRC server, allowing us to execute commands ...

HackTheBox: Fluffy

14 minute read

This box is rated easy difficulty on HTB. It involves us grabbing a PDF from an available SMB share that hints at unpatched CVEs on the Domain Controller. Us...

HackTheBox: Puppy

9 minute read

This box is rated medium difficulty on HTB. It involves adding ourselves to a Developers group to gain access to an SMB share containing a password-protected...