Recent posts

Kryptos - Hack The Box

21 minute read

I loved the Kryptos machine from Adamm and no0ne. It starts with a cool parameter injection in the DSN string so I can redirect the DB queries to my VM and h...

Luke - Hack The Box

4 minute read

Luke is an easy machine that doesn’t have a lot of steps but we still learn a few things about REST APIs like how to authenticate to the service and get a JWT to...

Bastion - Hack The Box

6 minute read

Bastion was an easy box where we had to find an open SMB share that contained a Windows backup. Once we mounted the disk image file, we could recover the sys...

Onetwoseven - Hack The Box

13 minute read

OneTwoSeven starts with enumeration of various files on the system by creating symlinks from the SFTP server. After finding the credentials for the ots-admin...

Unattended - Hack The Box

18 minute read

Unattended was a pretty tough box with a second order SQL injection in the PHP app. By injecting PHP code into the web server access logs through the User-Ag...