HackTheBox Walkthrough : Driver

So today we are come with another challenge from “HackTheBox” called “Driver” which is based on the exploitation of Print Nightmare Vulnerability . So without wasting time let start the journey. Level : Medium Attacking Strategy Networking Scanning Nmap Enumeration Web application enumeration Upload functionality Exploitation SCF attack Privilege Escalation Print Nightmare Vulnerability Walkthrough IP … Read more

HTB Walkthrough : Horizontall

Today we are going to solve an another challenge from HackTheBox named “Horizontall” . This box is based on strapi which is next-gen headless CMS, open-source, JavaScript, enabling content-rich experiences to be created, managed and exposed to any digital device, so without wasting too much time let start the journey . Level : Medium Attacking … Read more

HTB Walkthrough : Previse

So today we have a different challenge from HackTheBox called Previse . Its medium level box which some misconfiguration with web application . So without wasting time let go. Level : Medium Attacking Strategy Network Scanning Nmap Enumeration Content Discovery Bypass login Exploitation Remote Code Execution Privilege Escalation MYSQL Dump PATH Environment Privilege Escalation Walkthrough … Read more

HackTheBox Walkthrough : NunChucks

Today we are going to solve another challenge from “Hackthebox” called “nunchucks” created by TheCyberGeek . Lab is based on exploiting express template with remote code execution and abusing the capabilities on Perl binary. So without time let start . Level : Easy Attacking Strategy Recon Nmap Enumeration Sub Domain Enumeration Express Template Injection SSTI … Read more

HackTheBox Walkthrough : Seal

Today we have another challenge from “hackthebox” called seal . In this lab we enumerate git-bucket and discover the credentials and other endpoint and by exploiting cronjob we get root.So without wasting time let start. Level : Medium Attacking Strategy Recon Nmap Enumeration Git-bucket Enumeration Credential Discovery Bypass restriction Exploitation Tomcat Reverse shell Privilege Escalation … Read more

HackTheBox Walkthrough : Secret

Today we have another challenge from hackthebox called secret which is designed by “z9fr“. We are going to learn various techniques like enumerating commits , analyzing the application code , exploiting API , much more, So without wasting time let start. Level : Medium Attacking Strategy Network Scanning Nmap Enumeration Content Discovery using feroxbuster Code … Read more

HackTheBox Walkthrough : Explore

Today we come up with another challenge from “Hackthebox” called “explore”. This lab is based on android exploitation in which ES explorer is vulnerable . So without wasting too much time let start. Level : Easy Attacking Strategy Networking Scanning Nmap Exploitation ES explorer Vulnerability (CVE-2019-6447) Privilege Escalation Port Forwarding ADB Shell Walkthrough IP Address … Read more

HackTheBox Walkthrough : Monitors

We’ll look at another one of HackTheBox machines today, called “Monitors”. In this lab we are going to exploit WordPress CMS , WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database . Level : Hard Attacking Strategy Network Scanning Nmap Enumeration WordPress Enumeration using … Read more

HTB Walkthrough : Pit

Today we have another challenge from Hackthebox called “pit”. This is lab is based on exploitation of seeddms which is a free document management system with an easy to use web based user interface for small and medium sized enterprises. It is based on PHP and MySQL or sqlite3 and runs on Linux, MacOS and … Read more

HTB Walkthrough : Cap

Today we come with another challenge from Hackthebox called cap . This is easy level machine in which non encrypted traffic was going on and using Wireshark we analyze the traffic .So without wasting time let start the machine. Level : Easy Attacking Strategy Network Scanning Nmap Enumeration PCAP dump Analyze pcap file extract Credentials … Read more