This is one of my favourite boxes. This box require a lot of web enumeration, exploitation of multiple vulnerabilities, pivoting, binary exploitation, code analysis so that we can learn a
Hello everyone! This is my writeup of HackTheBox Hard Difficulty box names Blackfield. What i like about this box is that it is quite straighforward and teaches how to enumerate
This is my wripteup for HackTheBox Intelligence which is medium windows box that mainly focuses on active directory enumeration and exploitation. I’m really not so confident doing windows boxes but
This was great OSCP-like box. It requires really careful enumeration and teaches us patience. I very like the privilege escalation part which was quite unique for HTB machines. I learnt
I think it was quite fun box. In case of steps that one have to perform to get the flags i may say it’s difficulty is rather of easy side
This box was really awesome. It was the type of box that i like the most. I learnt a lot of new things, especially bypassing reverse proxies authentication and ansible
It was a really cool box. For me it was a great oppurtunity to polish my python skills and partice exploiting SSRF vulnerability (this box has double SSRF :D). I
Recon: nmap scan: gobuster scan: subdomain wfuzz scan: There was nothing interesting on the main page. All subdomain navigate to the same page: I could not find any exploit that
Hey everyone, I was doing HackTheBox Faculty machine, i came across mPDF 7.0 LFI vulnerability. I found exploit for this https://www.exploit-db.com/exploits/50995 . To my mind the way how it works it’s