index-logo

WriteUPs

Logo

Rebound - HTB

Rebound is an insane difficulty machine on HackTheBox. Initially, we'll exploit RID brute force to obtain a list of valid users on the Domain Controller. One of these users is vulnerable to...

Read more
Logo

Analytics - HTB

Analytics is an easy machine on HackTheBox. Firstly, we'll exploit a vulnerable version of Metabase to achieve command execution on the victim machine...

Read more
Logo

Manager - HTB

Manager is a medium-difficulty machine on HackTheBox. Initially, we'll abuse the guest session to perform a RID Bruteforce attack to identify...

Read more
Logo

Visual - HTB

Visual is a medium-difficulty machine on HackTheBox. Initially, we will exploit a website that builds our custom Visual Studio projects by abusing...

Read more
Logo

Drive - HTB

Drive is a hard-difficulty machine on HackTheBox. Initially, we exploit an IDOR (Insecure Direct Object Reference) vulnerability to access private messages, revealing...

Read more
Logo

Clicker - HTB

Clicker is a medium-difficulty machine on HackTheBox. Firstly, we will exploit an NFS share to obtain the source code of a website. After reading the source code...

Read more
Logo

Zipping - HTB

Zipping is a medium-difficulty machine on HackTheBox. Initially, we will exploit a Local File Inclusion (LFI) vulnerability to gain access to...

Read more
Logo

Sau - HTB

Sau is an easy difficulty machine on the HackTheBox platform. Firstly, we will exploit an SSRF vulnerability in `request-baskets` to gain access to...

Read more
Logo

Authority - HTB

Authority is a medium-difficulty machine on HackTheBox. Initially, we will decrypt Ansible vaults using the ansible2john tool to extract...

Read more
Logo

Pilgrimage - HTB

Pilgrimage is an easy difficulty machine on HackTheBox, exposing an HTTP service on port 80. Our initial step involves dumping a `.git` directory to retrieve...

Read more
Logo

Sandworm - HTB

Sandworm is a medium difficulty machine on HackTheBox. Firstly, we will exploit an SSTI vulnerability by abusing reflection...

Read more
Logo

Download - HTB

Download is a hard difficulty machine on HackTheBox. The machine features a web service that allows file uploads. While attempting to download the files, we discover a...

Read more
Logo

Topology - HTB

Topology is an easy-level machine on HackTheBox. Initially, we need to exploit a LaTeX Injection to gain access to...

Read more
Logo

Gofer - HTB

Gofer is a hard-level machine on the HackTheBox platform. Initially, we encounter a network-level shared resource via SMB that leaks a file containing pertinent information for...

Read more
Logo

Jupiter - HTB

Jupiter is a medium-difficulty machine on the HackTheBox platform. To start, we encounter a web service running...

Read more
Logo

Intentions - HTB

Intentions is a hard-level machine from the HackTheBox platform. Initially, we discovered a SQL injection vulnerability that allowed us to obtain...

Read more
Logo

PC - HTB

PC is an easy-level machine from HackTheBox. Firstly, we discover the gRPC service running on port "50051". Using the "grpcgui" tool, we set up a service to access it through...

Read more
Logo

Format - HTB

Format is a medium-difficulty machine in which we need to exploit a web service to read system files. We achieve this by inspecting the page's source code hosted on port 3000 in a...

Read more
Logo

Snoopy - HTB

Snoopy is a hard level machine featured on the HackTheBox platform. Initially, our objective entails exploiting a Local File Inclusion vulnerability to extract...

Read more
Logo

Blackfield - HTB

Blackfield is a hard level machine on the HackTheBox platform. It is an Active Directory-based environment, where our initial reconnaissance involved analyzing a network-level shared resource exposed through...

Read more
Logo

Inject - HTB

This is an easy-level machine in which we exploit a file upload vulnerability to make the page show us how we can access them. The page utilizes a parameter in the GET method to access system files, allowing us to exploit...

Read more
Logo

Escape - HTB

Escape is a medium difficulty machine on the HackTheBox platform. It is a machine that hosts an Active Directory service. Initially, we acquire credentials through a PDF exposed via...

Read more
Logo

Busqueda - HTB

Busqueda is a platform that provides a website offering links to various web pages based on user input. Behind the scenes, it utilizes the Python...

Read more
Logo

OnlyForYou - HTB

OnlyForYou is a medium-level machine in which we exploit Python and Neo4j (Cypher Injection)...

Read more