SwagShop
In this write-up I detail how I used Metasploit to own my first Hack The Box machine.
The links below will take you directly to each machine's walkthrough page if it has been released. The write-ups are listed in the order they were completed to demonstrate my progression from box to box. If you notice any issues, hit me up via any of the contact links in the footer!
In this write-up I detail target enumeration with nmap, Redis exploitation, cracking SSH keys, and exploiting Webmin.
This writeup covers abusing Kerberos and OS misconfiguration in order to gain an Administrator context shell on the target machine.
This writeup describes abusing the RPC service and misconfigured NFS shares, as well as exploiting insecure service permissions.
This writeup covers abusing a dropped web shell, SUID-bit misconfiguration, and improper file permissions.
This write-up covers using CVE PoC scripts, cracking with Hashcat, and abusing sudo misconfigurations.
This writeup covers using LFI/RCE CVE exploits, and hijacking Python import statements.
This writeup covers using LFI to steal credentials, exploiting Apache Tomcat 9, and abusing lxd for privilege escalation.
In this writeup I abuse RPC and perform some necromancy.
In this writeup I bypass web authentication with SQLi, bypass upload filtering to execute a PHP web shell, and hijack the execution path of a binary to escalate privileges.
In this writeup I discover hidden vhosts, dump credentials with sqlmap, and abuse Docker permissions to escalate privilege.
In this writeup I enumerate vhosts, abuse unauthenticated file upload, and execute a buffer overflow exploit against the target.
In this writeup I discover usernames and passwords on an exposed webpage, use a service account to gain a foothold on WinRM, and abuse the SeLoadDriverPrivilege to escalate to SYSTEM.
In this write-up I cover enumerating users from the finger service, brute-forcing legacy SSH, and abusing insecure sudo privileges.
In this write-up, I cover thoroughly enumerating the target with Nmap, exploiting the AChat service with a public remote buffer overflow, and abusing stored AutoLogin credentials to execute arbitrary commands as a privileged user.