TryHackMe: Road
This box is rated medium difficulty on THM. It involves us updating an admin account’s password using a built-in function on the webpage which allows us to upload a shell via the profile picture fe...
This box is rated medium difficulty on THM. It involves us brute forcing an admin login page with hydra, exploiting a known vulnerability within a blog engine to upload a reverse shell, and abusing...
This box is rated medium difficulty on THM and has a cool theme revolving around hacking an APT hacking group to find out who they’re targeting next. It involves us exploiting an older version of ...
This box is rated medium difficulty on THM. It involves us using the Shellshock vulnerability to get RCE on the system which grants us a shell, and abusing an older Ubuntu kernel exploit to pop a s...
This box is rated medium difficulty on HTB. It involves us finding MSSQL credentials inside of a PDF on an SMB share, which allows us to log on as a service account. Then, we enumerate the system to...
This box is rated hard difficulty on THM and is the third installment in the Windcorp series. It involves us finding an exposed XML file containing employee names which we use to brute force SMB au...
This box is rated easy difficulty on HTB. I’m starting to go down the list on TJNull’s OSCP-like boxes list for good practice and to get a head start on what I need to know/learn. It involves us gett...
This box is rated medium difficulty on THM. It involves abusing buffer overflow on a vulnerable binary found on an SMB share and extracting credentials from a Firefox profile stored in a user’s acc...
This box is rated medium difficulty on THM and is the sequel to Blog. It has a pretty funny storyline as after we hacked his blog page, Billy Joel makes a shady contract with us to deface the websi...
This box is rated hard difficulty on THM; it’s absolutely brutal so prepare yourself. Can you hack your way in? Scanning & Enumeration First things first, I run an Nmap scan against the given...