Recent posts

Wall - Hack The Box

5 minute read

Wall is running a vulnerable version of the Centreon application that allows authenticated users to gain RCE. The tricky part of this box was finding the pat...

Heist - Hack The Box

5 minute read

Heist starts off with a support page with a username and a Cisco IOS config file containing hashed & encrypted passwords. After cracking two passwords fr...

Chainsaw - Hack The Box

7 minute read

I learned a bit about Ethereum and smart contracts while doing the Chainsaw box from Hack the Box. There’s a command injection vulnerability in a smart contr...

Networked - Hack The Box

6 minute read

Networked was an easy box that starts off with a classic insecure upload vulnerability in an image gallery web application. The Apache server is misconfigure...

Jarvis - Hack The Box

4 minute read

The entrypoint for Jarvis is an SQL injection vulnerability in the web application to book hotel rooms. There is a WAF but I was able to easily get around it...