Description MonitorsTwo is an easy Hack The Box machine that features: Remote Command Execution Sensitive Data Exposure Hash Cracking Misconfigured Docker and SUID Privilege Escalation Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.211. $ ping -c 3 10.10.11.211 PING 10.10.11.211 (10.10.11.211) 56(84) bytes of data. 64 bytes from 10.10.11.211: icmp_seq=1 ttl=63 time=42.8 ms 64 bytes from 10.10.11.211: icmp_seq=2 ttl=63 time=44.7 ms 64 bytes from 10.10.11.211: icmp_seq=3 ttl=63 time=43.5 ms --- 10.10.11.211 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 42.750/43.657/44.715/0.809 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Introducción The buffer overflow, also known as buffer overflow, is a security vulnerability in software programming that occurs when more data is introduced into a memory area (buffer) than it can handle. This situation may allow an attacker to overwrite adjacent data in the memory, which potentially leads to the execution of malicious code or alteration of a program’s flow.️ When a program does not verify the amount of data entered into a buffer, it risks an attacker exploiting this weakness to inject malicious code, overwrite important information or even take control of the system. Prevention of buffer overflow involves good programming practices and the use of security techniques such as input validation and boundary checking to prevent this type of vulnerability.️ ...

Description OnlyForYou is a medium Hack The Box machine that features: Local File Inclusion in Python web application revealing source code of other application Main web application vulnerable to Command Injection Internal service discovery and Cypher Neo4j injection to obtain credentials for user pivoting Privilege Escalation via an user allowed to run pip3 download command with command execution Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.210. ...

Description Busqueda is an easy Hack The Box machine that features: Arbitrary Code Execution via Unsanitized Python Eval Sensitive Data Exposure VHOST Discover Bypassing Paths of Python File Privilege Escalation Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.208. $ ping -c 3 10.10.11.208 PING 10.10.11.208 (10.10.11.208) 56(84) bytes of data. 64 bytes from 10.10.11.208: icmp_seq=1 ttl=63 time=43.8 ms 64 bytes from 10.10.11.208: icmp_seq=2 ttl=63 time=43.8 ms 64 bytes from 10.10.11.208: icmp_seq=3 ttl=63 time=43.3 ms --- 10.10.11.208 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 43.335/43.657/43.843/0.229 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Description Agile is a medium Hack The Box machine that features: Path Traversal in web application with Werkzeug debug activated leading to Remote Command Execution User Pivoting by leaked credentials in the password database User Pivoting by watching and interacting with Selenium session Privilege Escalation via a modification of the Python virtualenv initialization script with a SUDO vulnerability Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.203. ...

Introduction️ Between the capabilities of the device Flipper Zero is the decoding of radio protocols below 1 GHz (Sub-GHz) frequencies. One of the available applications is Weather Station that decodes signals from temperature and humidity sensors. Due to the architecture of the application and the nature of the code project it is possible to add new protocols to the application.️ We will add the TWINS protocol based on ThermoPRO-TX4 and Polaroid based on inFactory-TH. We will also observe how to compile the application.️ ...

Description Socket is a medium Hack The Box machine that features: Reverse Engineering and PyInstaller decompiling to discover Python code SQL Injection to a WebSocket endpoint revealing credentials Reused credentials and SSH login Privilege Escalation via a PyInstaller build script that allow extracting sensitive files Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.206. ...

Description Inject is an easy Hack The Box machine that features: Local File Inclusion Remote Command Execution Sensitive Data Exposure Ansible Playbook Privilege Escalation Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.204. $ ping -c 3 10.10.11.204 PING 10.10.11.204 (10.10.11.204) 56(84) bytes of data. 64 bytes from 10.10.11.204: icmp_seq=1 ttl=63 time=46.8 ms 64 bytes from 10.10.11.204: icmp_seq=2 ttl=63 time=44.3 ms 64 bytes from 10.10.11.204: icmp_seq=3 ttl=63 time=43.9 ms --- 10.10.11.204 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 43.861/44.977/46.769/1.279 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Introduction️ The web MalAPI.io collects a list of Windows APIs that can be used by malicious programs to perform unwanted actions on the operating system. To analyze executables in search of these strings, a Python tool has been developed that automatically scans the file passed as a parameter.️ Use of MalAPI Scanner️ To use, simply pass the executable file to analyze as a parameter and have the malapi.json file in the same directory with the API database extracted from the website. This is an example of its execution.️ ...

Description Stocker is an easy Hack The Box machine that features: VHOST Enumeration NoSQL injection Server Side XSS (Dynamic PDF) Sensitive Data Exposure Sudo Execution Bypassing Paths Privilege Escalation Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.196. $ ping -c 3 10.10.11.196 PING 10.10.11.196 (10.10.11.196) 56(84) bytes of data. 64 bytes from 10.10.11.196: icmp_seq=1 ttl=63 time=43.3 ms 64 bytes from 10.10.11.196: icmp_seq=2 ttl=63 time=43.5 ms 64 bytes from 10.10.11.196: icmp_seq=3 ttl=63 time=43.3 ms --- 10.10.11.196 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 43.315/43.389/43.527/0.097 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...