HackTheBox: Flight
This box is rated hard difficulty on HTB. It involves LFI, NTLM theft, password spraying, uploading reverse shells, plenty of enumeration, port forwarding, a...
This box is rated hard difficulty on HTB. It involves LFI, NTLM theft, password spraying, uploading reverse shells, plenty of enumeration, port forwarding, a...
This box is rated easy difficulty on THM. It involves using Guest authentication to discover a default password on an SMB share, finding more passwords throu...
This box is rated easy difficulty on HTB. It involves us exploiting SQL injection to dump a web application’s database and sign in as an Administrator. Then ...
This box is rated easy difficulty on HTB. It involves us logging into a ticket support site with default credentials which leads to grabbing a plaintext pass...
This is vulnerable machine was a side project of mine that also served as great practice for Python, web exploitation, and Linux privilege escalation techniq...
This box is rated medium difficulty on HTB. It involves us grabbing a reverse shell by using Jenkins’ script console, decrypting a KeePass database file to g...
This box is rated medium difficulty on THM. It involves us exploiting a blind-based SQL injection to dump user credentials on the website. Doing so rewards u...
This box is rated medium difficulty on HTB. It involves us bypassing both a login page via SQL injection and a file upload filter by manipulating magic bytes...
This box is rated medium difficulty on HTB. It involves us exploiting a vulnerable Jenkins application to read files on the server. Parsing XML files grants ...
This box is rated medium difficulty on THM. It involves us exploiting a SQL injection in an old CMS site, which leads to dumping user credentials. Using a re...