Hack The Box - Writeup
Description SQLI in CMSMS to get a user shell & use run-parts which is run at each SSH login to get a reverse shell as root.
[Read More]
Hack The Box
Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.
Hack The Box - Swagshop
Use Magento Admin Panel with magpleasure_filesystem to get a user shell & use sudo without password to get a root shell.
[Read More]
Hack The Box - Netmon
Exploit notification form in PRTG Network Monitor.
[Read More]
Hack The Box - Flujab
SQLI through email & weak SSH keys in debian to get a user shell & escape RBASH & screen local root exploit to get a root shell.
[Read More]
Hack The Box - Friendzone
DNS zone-transfer to check new domains & combo LFI, SMB to get a user shell & python library injection to get a root shell.
[Read More]
Hack The Box - Help
RFI in Helpdeskz to get a user shell & linux kernel local exploit to get a root shell.
[Read More]
Hack The Box - Irked
Exploit Unrealircd vulnerability with msf to get a user shell & exploit local suid binary to get a root shell.
[Read More]