Description Cypher is a medium Hack The Box machine that features: Command Injection in a Neo4j procedure using Cypher language that leads into RCE User Pivoting by using a credential stored in a file that Neo4j user can read Privilege Escalation by loading custom YARA rules into bbot tool ran as root user Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.192.246. ...

Description Dog is an easy Hack The Box machine that features: Git repository exposing database and user credentials Backdrop CMS Remote Command Execution vulnerability via a plugin User Pivoting by using previous credential Privilege Escalation via Backdrop Bee “php-script” functionality Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.219.144. $ ping -c 3 10.129.219.144 PING 10.129.219.144 (10.129.219.144) 56(84) bytes of data. 64 bytes from 10.129.219.144: icmp_seq=1 ttl=63 time=112 ms 64 bytes from 10.129.219.144: icmp_seq=2 ttl=63 time=209 ms 64 bytes from 10.129.219.144: icmp_seq=3 ttl=63 time=112 ms --- 10.129.219.144 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 111.500/144.206/209.278/46.012 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Description Cat is a medium Hack The Box machine that features: Git repository exposes the source code of the web application Cross-Site Scripting in web application allowing the retrieval of the administrator session SQL Injection in the administration dashboard allows credential retrieval Login to the machine using the credentials User pivoting by using leaked credentials in Apache access log Discovery on internal Gitea service vulnerable to Stored XSS vulnerability Privilege Escalation by reading an exposed credential in an administrator Git repository using the XSS vulnerability Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.234.158. ...

Introduction The Flipper Zero is a multifunction device for hacking, security testing and radio frequency protocol exploration. One of its most highlighted features is the ability to transmit and receive SubGHz signals, using the Texas Instruments CC1101 chip, a programmable low-power RF transmitter. SubGHz refers to the range of radio frequencies below 1 GHz (typically between 300 MHz and 928 MHz, depending on the region). These frequencies are used by devices such as remote garage door controls or wireless sensors (temperature, movement, alarms). ...

Description Titanic is an easy Hack The Box machine that features: Subdomain Enumeration to find a Gitea instance with source code of a web application Path Traversal vulnerability in web ticketing application allowing the retrieval of a database with hashed credentials Hash Cracking and password reuse in a Linux user Privilege Escalation via Arbitrary Code Execution in ImageMagick script ran by root user Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.46.214. ...

Description Backfire is a medium Hack The Box machine that features: Unauthenticated Server Side Request Forgery in Havoc Framework C2 Develop of WebSockets frames using TCP sockets Authenticated Remote Command Execution in Havoc Framework C2 as the running user Default configuration of HardHatC2 software allows to forge custom JSON Web Tokens allowing the access to the application and the ability to run commands as another user Privilege Escalation using iptables and iptables-save allowing to modify system files Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.163.156. ...

Introduction The firmware is the embedded software that controls the basic functioning of electronic devices, from routers and IP cameras to smart home appliances and industrial systems. Unlike traditional software, firmware operates directly on hardware, making it a critical target in terms of security, functionality, and privacy. Firmware analysis involves examining this embedded software to understand its internal workings, detect potential vulnerabilities, identify backdoors, and in some cases modify or extract relevant information. This type of analysis is particularly relevant in security audits, forensic investigations, reverse engineering, or exploit development. ...

Description EscapeTwo is an easy Hack The Box machine that features: Initial access using an assumed breach scenario that leads in a discovery of a SMB share SMB share with damaged spreadsheet reveal DB Administrator credentials DB Administrator is able to run commands and read a file with credentials Credential’s user have WriteOwner permission over Certification Authority account Certification Authority account password can be changed Privilege Escalation via a vulnerability in a certification template Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.241.157. ...

Description Heal is a medium Hack The Box machine that features: Path Traversal in a Ruby on Rails web application Database Dump of a Ruby on Rails web Application Weak password found in database dump allows the login to LimeSurvey application Remote Command Execution using LimeSurvey application and the upload of a malicious plugin User Pivoting by using a reused password from a configuration file of LimeSurvey Privilege Escalation by abusing a weak instance of Consul that allows the execution of commands Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.30.209. ...

Description UnderPass is an easy Hack The Box machine that features: SNMP Enumeration to find an installed web application Use of default credentials in the RADIUS management web application User and Password Enumeration of the RADIUS web application Password Reuse of RADIUS user in Linux server Privilege Escalation via Mosh (Mobile Shell) command executed with root permissions Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.129.145.216. ...