Cyber Blog​

git review, ssl ssrf, rev proxy, sym link, ansible playbook,

IDOR, cluster bomb, DNS Poisonings, MITM, Time synch

XXE injection with PHP was the main focus of this machine.

Subdomain enum, SSTI, app armor bypass (GTFO),

SSH pass, ADB , EsFileExplore, SSH port forwarding,

Work flow Summary This was a rather difficult machine that involves command injection with bad character encoding for initial foothold,...

Summary This was an amazing machine that involved insecure file sharing services that provided credentials for an SQL server connection...

This was an amazing machine created by ippsec that required "second order" SQL injection. This provides the surface area to inject a webshel

An extremely easy box that really shows the range of difficulties which can be within the "easy" band of Hack the box difficulties

Summary This machine is very unique as it involves working with Azure AD services and is one of a kind on HTB. This machine is vulnerable...

Summary This was a very difficult machine that required indepth knowledge or investigations into Lua based scripting errors and openbsd...

A great machine that involves webshells, and exploiting lazy admin configurations while utilizing msfvenom.

A machine involving LFI-RFI, SSH tunneling to access a local port/service.

Summary Chatterbox was a fantastic machine that involved some CVE troubleshooting with a buffer overflow. This provided the initial foot...

Summary This was a fantastic Windows machine that involved deeper enumeration to identify a service running on a non standard port of...

Configure Mona - Prepare our environment and temp folder Crash the application - We will use a standard fuzzing script for this that will...

As someone who has a history of working for MSP's, today might be one of the most memorable days for the remainder of my life. A very...

Summary This was an extremely cool box with many paths to gain user and root. The machine starts off with several subdomains requiring...

Summary Spectra is a great machine in which your journey will start with WordPress vulnerabilities and a GUI dashboard. Planting a...

Summary This was a great machine that did not provide anything too challenging or obscure which I really appreciated. It did however test...

We will be tackling the vulnerable application for the THM buffer overflow challenge level 1. Configure Mona Mona is a script that helps...

Summary This was a great machine involving guided routes for the initial access to the machine, without many rabbit holes. From here we...

This machine largely involved the enumeration of a git repository and flask application running on a couchDB. Writing a python script...

Overview This machine features an IT departments ticketing system that allows you to gain access by registering for a new account out of...