Donald Ashdown
Hack the Box - Seal
git review, ssl ssrf, rev proxy, sym link, ansible playbook,
top of page
Search
Donald Ashdown
- Nov 28, 2021
Hack the Box - Intelligence
IDOR, cluster bomb, DNS Poisonings, MITM, Time synch
Donald Ashdown
- Nov 25, 2021
Hack the Box - Bounty Hunter
XXE injection with PHP was the main focus of this machine.
Donald Ashdown
- Nov 22, 2021
Hack the Box - Nunchucks
Subdomain enum, SSTI, app armor bypass (GTFO),
Donald Ashdown
- Nov 15, 2021
Hack the Box - Explore
SSH pass,
ADB ,
EsFileExplore,
SSH port forwarding,
Donald Ashdown
- Nov 6, 2021
Hack the Box Dynstr
Work flow Summary This was a rather difficult machine that involves command injection with bad character encoding for initial foothold,...
Donald Ashdown
- Oct 19, 2021
Hack the Box Querier
Summary This was an amazing machine that involved insecure file sharing services that provided credentials for an SQL server connection...
Donald Ashdown
- Oct 11, 2021
Hack the Box Validation
This was an amazing machine created by ippsec that required "second order" SQL injection. This provides the surface area to inject a webshel
Donald Ashdown
- Oct 4, 2021
Hack the box - Knife
An extremely easy box that really shows the range of difficulties which can be within the "easy" band of Hack the box difficulties
Donald Ashdown
- Sep 12, 2021
Hack the box - Monteverde
Summary This machine is very unique as it involves working with Azure AD services and is one of a kind on HTB. This machine is vulnerable...
Donald Ashdown
- Sep 3, 2021
Hack the box Luanne
Summary This was a very difficult machine that required indepth knowledge or investigations into Lua based scripting errors and openbsd...
Donald Ashdown
- Aug 30, 2021
Hack the box Love
A great machine that involves webshells, and exploiting lazy admin configurations while utilizing msfvenom.
Donald Ashdown
- Aug 16, 2021
Hack the Box - Poison
A machine involving LFI-RFI, SSH tunneling to access a local port/service.
Donald Ashdown
- Aug 11, 2021
Hack The Box - Chatterbox
Summary Chatterbox was a fantastic machine that involved some CVE troubleshooting with a buffer overflow. This provided the initial foot...
Donald Ashdown
- Jul 30, 2021
Hack the Box Jeeves
Summary This was a fantastic Windows machine that involved deeper enumeration to identify a service running on a non standard port of...
Donald Ashdown
- Jul 23, 2021
Try Hack Me Buffer Overflow 2
Configure Mona - Prepare our environment and temp folder Crash the application - We will use a standard fuzzing script for this that will...
Donald Ashdown
- Jul 10, 2021
Kaseya MSP Incident Response
As someone who has a history of working for MSP's, today might be one of the most memorable days for the remainder of my life. A very...
Donald Ashdown
- Jul 7, 2021
HTB Red Cross
Summary This was an extremely cool box with many paths to gain user and root. The machine starts off with several subdomains requiring...
Donald Ashdown
- Jul 3, 2021
Hack the Box - Spectra Walkthrough
Summary Spectra is a great machine in which your journey will start with WordPress vulnerabilities and a GUI dashboard. Planting a...
Donald Ashdown
- Jun 28, 2021
HTB Cronos
Summary This was a great machine that did not provide anything too challenging or obscure which I really appreciated. It did however test...
Donald Ashdown
- Jun 27, 2021
THM Buffer Over Flow 1
We will be tackling the vulnerable application for the THM buffer overflow challenge level 1. Configure Mona Mona is a script that helps...
Donald Ashdown
- Jun 26, 2021
HTB October
Summary This was a great machine involving guided routes for the initial access to the machine, without many rabbit holes. From here we...
Donald Ashdown
- Jun 23, 2021
HTB Canape
This machine largely involved the enumeration of a git repository and flask application running on a couchDB. Writing a python script...
Donald Ashdown
- Jun 19, 2021
HTB - Delivery
Overview This machine features an IT departments ticketing system that allows you to gain access by registering for a new account out of...
bottom of page