Write-Ups

A collection of 9 posts

Authby | Write-Up

Authby, an Intermediate-rated machine, is a Windows box with an open FTP share used to enumerate users, upload a reverse shell using cURL with various parameters, and escalate privileges with a kernel exploit of your choice.

Bashed | Write-Up

Bashed, an easy Linux box, has an easy foothold path that includes a built-in web shell followed by manipulating a file that is executed as root periodically on the machine.

Lame | Write-Up

Lame, an Easy-rated machine, takes advantage of outdated software for an easy exploit to root vulnerability.

Nineveh | Write-Up

Nineveh, a medium-rated machine from Hack the Box that takes advantage of different web servers susceptible to brute force attacks. Using both to interact with each other, we can exploit LFI to gain a foothold, followed by exploiting a binary running as root for privilege escalation.

Sense | Write-Up

Sense, an easy Linux machine, makes use of a vulnerable firewall. Enumeration of the machine reveals vulnerable portions of the firewall's interface, dropping us directly into a root shell.