writeups

Sunday 30 August 2020 (2020-08-30)

🇬🇧

OhSINT - Write-up - TryHackMe

Information Room# Name: OhSINT Profile: tryhackme.com Difficulty: Easy OS: None Description: Are you able to use open source intelligence to solve this challenge? Write-up Overview# Install tools u

writeups

Friday 21 August 2020 (2020-08-21)

🇬🇧

Magic - Write-up - HackTheBox

Information Box# Name: Magic Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up Overview# TL;DR: SQLi, webshell upload with bypass, EoP via SUID tool using unsecured PATH.

writeups

Friday 21 August 2020 (2020-08-21)

🇬🇧

Blue - Write-up - TryHackMe

Information Room# Name: Blue Profile: tryhackme.com Difficulty: Easy OS: Windows Description: Deploy & hack into a Windows machine, leveraging common misconfigurations issues. Write-up Overview

writeups

Saturday 15 August 2020 (2020-08-15)

🇬🇧

Traceback - Write-up - HackTheBox

Information Box# Name: Traceback Profile: www.hackthebox.eu Difficulty: Easy OS: Linux Points: 20 Write-up Overview# TL;DR: finding & abusing a PHP webshell to get system access, then EoP to an

writeups

Saturday 8 August 2020 (2020-08-08)

🇬🇧

Fatty - Write-up - HackTheBox

Information Box# Name: Fatty Profile: www.hackthebox.eu Difficulty: Insane OS: Linux Points: 50 Write-up Overview# TL;DR: Java code review, bytecode JAR modification; exploit deserialization. Insta

writeups

Friday 31 July 2020 (2020-07-31)

🇬🇧

Oouch - Write-up - HackTheBox

Information# Box# Name: Oouch Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: The 1st part is a lot about oAuth and the EoP part about DBus and UWSGI. In

writeups

Friday 24 July 2020 (2020-07-24)

🇬🇧

Cascade - Write-up - HackTheBox

Information# Box# Name: Cascade Profile: www.hackthebox.eu Difficulty: Medium OS: Windows Points: 30 Write-up# Overview# TL;DR: SMB enum users LDAP enum object properties SMB enum shares AD Recycl

writeups

Saturday 11 July 2020 (2020-07-11)

🇬🇧

Book - Write-up - HackTheBox

Information# Box# Name: Book Profile: www.hackthebox.eu Difficulty: Medium OS: Linux Points: 30 Write-up# Overview# TL;DR: SQL truncation -> admin accounts SSRF -> XSS -> file disclosure

writeups

Sunday 5 July 2020 (2020-07-05)

🇬🇧

ForwardSlash - Write-up - HackTheBox

Information# Box# Name: ForwardSlash Profile: www.hackthebox.eu Difficulty: Hard OS: Linux Points: 40 Write-up# Overview# TL;DR: There is a web application with a parameter vulnerable to file discl

securitynews

Thursday 25 June 2020 (2020-06-25)

🇬🇧

Disable clipboard events override

Everyone encountered at least once a form that ask you to confirm your password or email address to check you didn't make some mistake when re-typing it. But it's not rare at all to have those websi

Archive: 2020