Bolt is a medium rated machine on HackTheBox created by d4rkpayl0ad & TheCyberGeek. For the user part we will fuzz multiple vhosts and analyze source code to find a SSTI vulnerability which l...
Hack The Box - EarlyAccess
User EarlyAccess is a hard rated machine on HackTheBox created by Chr0x6eOs. For the user part we will first abuse a XSS vulnerability in a contact form to obtain the adminโs cookie. From there ...
Hack The Box - Horizontall
Horizontall is an easy rated machine on HackTheBox created by wail99. To get user we will abuse 2 CVEโs in a strapi application whichs result in a reverse shell on the machine. There we discover ...
Hack The Box - Anbuis
Anubis is an insane rated machine on HackTheBox created by 4ndr34z. For the user part we will exploit a command injection in a contact form to get system in a docker container. There we discover ...
Hack The Box - Forge
Forge is a medium rated machine on HackTheBox created by NoobHacker9999. For the user part we will abuse a SSRF vulnerability to bypass ip blacklisting and retrieve a private ssh key. After this ...
Hack The Box - Developer
Developer is a hard rated machine on HackTheBox created by TheCyberGeek. For the user part we will exploit a XSS vulnerability in a writeup submission form on a CTF platform. The application is vul...
Hack The Box - Previse
Previse is an easy rated machine on HackTheBox created by m4lwhere. For the user part we will exploit direct access to the registration form, which will give us access to the source code of the web...
Hack The Box - Static
Static is a hard rated machine on HackTheBox created by ompamo. For the user part we will first recover a broken gzip file to retrieve an OTP secret. With this and common default credentials we are...
Hack The Box - Writer
User Writer is a medium rated machine on HackTheBox create by TheCyberGeek. For the user part we will abuse a SQLI to read local files containing the root of the webserver and finally credentials ...
Hack The Box - Pikaboo
Pikaboo is a hard rated machine on HackTheBox created by pwnmeow and polarbearer. For the user part we will exploit path normalisation on the web server configurations to access a restricted path. ...
