Hack The Box

HTB - Pandora

HTB – Pandora

In this walk through, we will be going through the Pandora room from HackTheBox. This room is rated as Easy on the platform and it consists of enumeration of SNMP service that reveal creds for initial foothold. For lateral movement, Pandora CMS exploitation is required and exploitation of SUID binary makes us root. So, let’s […]

HTB – Pandora Read More »

HTB - Multimaster

HTB – Multimaster

In this walk through, we will be going through the Multimaster room from HackTheBox. This room is rated as Insane on the platform and it consists of SQL Injection exploitation to get the initial foothold. Then, for the lateral movement vulnerable VS code installation was abused to move laterally and at last abuse of Generic

HTB – Multimaster Read More »

HTB - Mentor

HTB – Mentor

In this walk through, we will be going through the Mentor room from HackTheBox. This room is rated as Medium on the platform and it consists of enumeration of SNMP service to get credentials for an API endpoint which is vulnerable to a blind command injection attack. For privilege escalation , postgresql service is exploited

HTB – Mentor Read More »

HTB - Lame

HTB – Lame

In this walk through, we will be going through the Lame room from HackTheBox. This room is rated as easy on the platform and it consists of exploitation of a vulnerable Samba version to get root. So, let’s get started without any delay. Machine Info: Title Lame IPaddress 10.10.10.3 Difficulty Easy OS Linux Description Lame

HTB – Lame Read More »

HTB - Jeeves

HTB – Jeeves

In this walk through, we will be going through the Jeeves room from HackTheBox. This room is rated as Medium on the platform and it consists of exploitation of running Jenkins application. For privilege escalation, we have to crack a Keepass DB to get the admin hash and captured the root flag by exposing it

HTB – Jeeves Read More »

HTB - Intentions

HTB – Intentions

In this walk through, we will be going through the Intentions room from HackTheBox. This room is rated as Hard on the platform and it consists of exploitation by second-order SQL Injection, followed by abusing an API end point to get admin access on the website which is vulnerable to RCE and thus provide the

HTB – Intentions Read More »

HTB - Intelligence

HTB – Intelligence

In this walk through, we will be going through the Intelligence room from HackTheBox. This room is rated as Medium on the platform and it consists of password spraying of credentials captured from the internal PDF document. For privilege escalation, abuse of group managed service account privilege is used to perform constrained delegation attack which

HTB – Intelligence Read More »

HTB - Forest

HTB – Forest

In this walk through, we will be going through the Forest room from HackTheBox. This room is rated as Easy on the platform and it consists of exploitation by AsREProasting to get the initial foothold. For privilege escalation, DC Sync privilege was abused to get root. So, let’s get started without any delay. Machine Info:

HTB – Forest Read More »

HTB - Flight

HTB – Flight

In this walk through, we will be going through the Flight room from HackTheBox. This room is rated as Hard on the platform and it consists of exploitation of LFI to capture user NTLM hash in order to get foothold on the system and for privilege escalation, DCSync Privilege was abused to get root. So,

HTB – Flight Read More »

HTB - Escape

HTB – Escape

In this walk through, we will be going through the Escape room from HackTheBox. This room is rated as Medium on the platform and it consists of exploitation by capturing the MSSQL user NTLM hash to get the initial foothold. For privilege escalation, ESC1 vulnerability exploitation is required to obtain a valid certificate for the

HTB – Escape Read More »

Scroll to Top