Delivery was an easy difficulty machine on Hack the Box.

TL;DR I’ll identify a helpdesk virtual subdomain which will allow me to create a ticket with a temporary email address. Using that address I’ll create an account on Mattermost instance on port 8065 where I’ll find credentials to SSH. Using…

Laboratory was an easy machine on Hack the Box.

TL;DR: I’ll find a virtual domain with a vulnerable instance of Gitlab. It can be exploited to gain a shell on Docker instance. I’ll use this access to change Dexter’s password and gain access to his private repository. The repository contains…

Academy was an easy machine on Hack the Box.

Academy

I’ll exploit a simple pivilege escalation in registration form gain access to administrator panel. Admin panel will reveal a virtual subdomain where I’ll exploit a RCE in Laravel framework. Using that access I’ll find a database password that’s been reused by…

Cache was medium diffculty machine on Hack the Box. Here’s my take on solving the challenge.

Cache

TL;DR: There’s a virtual host on webserver with an instance of a vulnerable version of OpenEMR. It’s vulnerabilities can be chained up, first to gain patient access, then use it to exploit authenticated sql…

Travel was a hard difficulty mahcine of Hack the Box. Here’s my take on solving the challenge.

Travel

TL;DR: Travel was really great box with some advanced web exploitation. I’ll find a virtual subodmain in SSL certificate that contains a stray .git folder. It’ll allow me to reconstruct php files, where…

Buff was an easy machine on Hack the Box. Here’s my take on solving the challenge

Buff

TL;DR: There’s a Gym Management Software running on HTTP port 8080. It’s vulnerable to a unauthenticated PHP file upload and therefore RCE. …

Cascade was a medium difficulty machine on Hack the box. Here’s my take on solving the machine

TL;DR: There’s a public LDAP database endpoint available. One of users has a custom field that reveals it’s password. Using this access it’s possible to access a SMB share that contains a VNC…

Magic was a medium difficulty machine on Hack the box. Here’s my take on solving the machine

TL;DR: Sql injection in login form allows authentication bypass and grants access to a image upload feature. The feature’s filter can by bypassed by sending a PHP file prepended with PNG format header…

Tellico Lungrevink

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store