HTB Writeup: Lightweight

Posted on Fri 22 February 2019 in Writeups • Tagged with hack-the-box, writeup, walkthrough

Writeup of 30 points Hack The Box machine - Lightweight. User flag is obtainable after leveraging misconfigured OpenLDAP (plaintext authentication). Root flag is accessible after leveraging another misconfiguration - wrongly set capabilities for openssl binary. Detailed writeup is available.

lightweight OS Linux
Author m0xEA31
Difficulty Medium
Points 30
Released 08-12-2018
IP 10.10.10.119


Continue reading

HTB Writeup: Zipper

Posted on Thu 21 February 2019 in Writeups • Tagged with hack-the-box, writeup, walkthrough

Writeup of 40 points Hack The Box machine - Zipper. It is an interesting Linux machine with Docker containers inside. In order to read user flag, Zabbix API is put to use. Root flag is obtainable after exploiting usage of relative paths in SUID binary. Detailed writeup will be available soon.

zipper OS Linux
Author burmat
Difficulty Hard
Points 40
Released 20-10-2018
IP 10.10.10.108


Continue reading

HTB Writeup: Help

Posted on Tue 19 February 2019 in Writeups • Tagged with hack-the-box, writeup, walkthrough

Writeup of 20 points Hack The Box machine - Help. It is a simple Linux box. User flag could be read by exploiting HelpDeskZ software. Root access is obtainable with usage of an exploit (CVE-2017-16995) against outdated kernel. Detailed writeup is available.

help OS Linux
Author cymtrick
Difficulty Easy
Points 20
Released 19-01-2019
IP 10.10.10.121


Continue reading

HTB Writeup: Giddy

Posted on Sun 17 February 2019 in Writeups • Tagged with hack-the-box, writeup, walkthrough

Writeup of 30 points Hack The Box machine - Giddy. It is a Windows machine. User flag is obtainable after exploiting SQLi vulnerability. Root flag is to get with usage of CVE-2016-6914 and simple AV evasion. Detailed writeup is available.

giddy OS Windows
Author lkys37en
Difficulty Medium
Points 30
Released 08-09-2018
IP 10.10.10.104


Continue reading