In this walk through, we will be going through the Cereal room from HackTheBox. This room is rated as Hard on the platform and it consists of exploitation of deserialization and XSS vulnerabilities to get foothold on the system and for privilege escalation, SEImpersonate Privilege was abused to get root. So, let’s get started without […]
In this walk through, we will be going through the Cerberus room from HackTheBox. This room is rated as Hard on the platform and it consists of exploitation of a RCE in Icinga web application and abuse of firejail SUID binary to perform a container breakout. For privilege escalation, Kerberos was exploited with a known
In this walk through, we will be going through the Broker room from HackTheBox. This room is rated as Easy on the platform and it consists of exploitation of a RCE in ActiveMQ installation. For privilege escalation, sudo misconfiguration was abused to get root. So, let’s get started without any delay. Machine Info: Title Broker
In this walk through, we will be going through the Blackfield room from HackTheBox. This room is rated as Hard on the platform and it consists of exploitation of Windows and Active Directory misconfigurations to get initial access. For privilge escalation, Backup Operators group privilege was abused to get SYSTEM. So, let’s get started without
In this walk through, we will be going through the Atom room from HackTheBox. This room is rated as Medium on the platform and it consists of exploitation of an Electron application to get initial access and for privilege escalation, exploitation of PortableKanban is required to get root. So, let’s get started without any delay.
In this walk through, we will be going through the APT room from HackTheBox. This room is rated as Insane on the platform and it consists of RPC to IPV6 enumeration. Followed by exploiting registry values to get the initial access and leveraging NTLMV1 hash authentication for privilege escalation. So, let’s get started without any
In this walk through, we will be going through the Active room from HackTheBox. This room is rated as Easy on the platform and it consists of Active Directory Enumeration, GPP Credential Attacks and Kerberoasting to get root. So, let’s get started without any delay. Machine Info: Title Active IPaddress 10.10.10.100 Difficulty Easy OS Windows
In this walk through, we will be going through the StreamIO room from HackTheBox. This room is rated as medium on the platform and it consists of lot of subdomain enumeration, the initial access requires knowledge in vulnerabilities like SQL Injection & LFI and for privilege escalation, the LDAP secrets are exposed to get root.
In this walk through, we will be going through the Busqueda room from HackTheBox. This room is rated as Easy on the platform and it consists of Enumeration, Exploitation and Privilege Escalation of a Linux boot2root machine. So, let’s get started without any delay. Machine Info: Title Busqueda IPaddress 10.10.11.208 Difficulty Easy OS Linux Description
In this walk through, we will be going through the XXE Injection vulnerability section from Webgoat Labs. We will be exploring and exploiting XXE Injection and learn how application are affected because of it. So, let’s get started with the Hacking without any delay. 1. XXE Injection 2. Modern REST framework XXE Injection 3. Blind
