Hack the Box

Description Ambassador is a medium Hack The Box machine that features: Path Traversal vulnerability in Grafana that allows reading administrator and MySQL service credentials MySQL database contains plain-text credentials of a Linux user Privilege Escalation by using Consul application executed as root user and leaked authentication token in a GIt repository Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.183. ...

Description UpDown is a medium Hack The Box machine that features: Web server directory enumeration to find the source code of the application in beta phase Source code of the application allow access to the beta application via a special HTTP header Source code of the application reveals that it is vulnerable to Insecure File Upload and to Local File Inclusion, which end in a Remote Command Execution vulnerability User Pivoting by using a Python program in binary format allowed to be executed as other user Privilege Escalation by using the easy_install command allowed to be run as root user Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.177. ...

Description Shoppy is an easy Hack The Box machine that features: Web application Authentication Bypass by using a NoSQL injection User Enumeration by using a NoSQL injection to obtain an user hashed password Service Enumeration to find a Mattermost instance which credentials to login in the machine User Pivoting by reverse engineering a password manager application Privilege Escalation by creating a Docker container with root permissions to create malicious binaries Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.180. ...

Description Health is a medium Hack The Box machine that features: Web application with Server Side Request Forgery vulnerability by using a proxy server and redirects Access to a vulnerable Gogs Git service vulnerable to SQL Injection Deploy of local Gogs server to find the SQL Injection payload for retrieving user data Password hash recognition and recovery Privilege Escalation by abusing Cron functionality of the web application executed by root user Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.176. ...

Description Squashed is an easy Hack The Box machine that features: NFS share allow uploading files to a web server allowing Remote Command Execution NFS share allows reading X11 authentication cookie of another user Privilege Escalation by using a credential leaked in a screenshot from a X11 display Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.191. ...