Posts

Description Stocker is an easy Hack The Box machine that features: VHOST Enumeration NoSQL injection Server Side XSS (Dynamic PDF) Sensitive Data Exposure Sudo Execution Bypassing Paths Privilege Escalation Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.196. $ ping -c 3 10.10.11.196 PING 10.10.11.196 (10.10.11.196) 56(84) bytes of data. 64 bytes from 10.10.11.196: icmp_seq=1 ttl=63 time=43.3 ms 64 bytes from 10.10.11.196: icmp_seq=2 ttl=63 time=43.5 ms 64 bytes from 10.10.11.196: icmp_seq=3 ttl=63 time=43.3 ms --- 10.10.11.196 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 43.315/43.389/43.527/0.097 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Description Escape is a medium Hack The Box machine that features: PDF file of a accesible SMB share reveals MSSQL credentials MSSQL service account NTLM hash capture and crack to elevate the privileges User Pivoting by leaked credentials in a log file Privilege Escalation via impersonating the Administrator user using the ESC1 vulnerability in Certificate Templates used in Active Directory Certificate Services Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.202. ...

Description Soccer is an easy Hack The Box machine that features: Directory Enumeration Use of Default Credentials Remote Code Execution VHOST Discovering SQL Injection over WebSocket Sensitive Data Exposure DOAS Privilege Escalation. Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.194. $ ping -c 3 10.10.11.194 PING 10.10.11.194 (10.10.11.194) 56(84) bytes of data. 64 bytes from 10.10.11.194: icmp_seq=1 ttl=63 time=44.3 ms 64 bytes from 10.10.11.194: icmp_seq=2 ttl=63 time=43.3 ms 64 bytes from 10.10.11.194: icmp_seq=3 ttl=63 time=43.7 ms --- 10.10.11.194 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 43.340/43.755/44.276/0.389 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Description TwoMillion is an easy Hack The Box machine that features: Invite Code generation to register in a web application API enumeration to change a normal user into an administrator Command Injection in an API used to generate VPN connection files User Pivoting by using reused credentials found in environment file Privilege Escalation via OverlayFS Linux Kernel vulnerability Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.221. ...

Description Bagel is a medium Hack The Box machine that features: Path Traversal in web application allows reading web source code discovering a NetCore application with a WebSocket in another port Reverse Engineering of NetCore application lead to the discovery of credentials and a insecure deserialization vulnerability Insecure Deserialization vulnerability allows reading the content of the private SSH key of an user User Pivoting by using the previously leaked credential Privilege Escalation by creating a command execution NetCore application allowed to be executed by the root user Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.201. ...

Introduction️ A MPEG-TS file is a file format used to transmit video, audio and other types of data in digital broadcasting systems, such as terrestrial digital television (TDT). HbbTV (Hybrid Broadcast Broadband TV) is a specification that combines traditional broadcast television with internet-based services. HbbTV uses standard web technologies like HTML, JavaScript and CSS to provide this interactive experience for users.️ The Application Information Table (AIT) is an important part of the MPEG-TS standard used specifically in the context of HbbTV. The AIT table provides information about interactive applications available for a particular digital television service. It contains metadata related to the applications, such as their name, description, application type, launch URL, etc.️ ...

Description Precious is an easy Hack The Box machine that features: Command Injection Sensitive Data Exposure YAML Deserialization Privilege Escalation Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.189. $ ping -c 3 10.10.11.189 PING 10.10.11.189 (10.10.11.189) 56(84) bytes of data. 64 bytes from 10.10.11.189: icmp_seq=1 ttl=63 time=345 ms 64 bytes from 10.10.11.189: icmp_seq=2 ttl=63 time=44.3 ms 64 bytes from 10.10.11.189: icmp_seq=3 ttl=63 time=324 ms --- 10.10.11.189 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 44.276/237.727/345.296/137.076 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Description Interface is a medium Hack The Box machine that features: API endpoints discovery PHP library dompdf Remote Command Execution Privilege Escalation via a Bash script Quoted Expression injection Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.200. $ ping -c 3 10.10.11.200 PING 10.10.11.200 (10.10.11.200) 56(84) bytes of data. 64 bytes from 10.10.11.200: icmp_seq=1 ttl=63 time=44.2 ms 64 bytes from 10.10.11.200: icmp_seq=2 ttl=63 time=43.5 ms 64 bytes from 10.10.11.200: icmp_seq=3 ttl=63 time=43.3 ms --- 10.10.11.200 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 43.286/43.673/44.201/0.386 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...

Introduction️ DVBSTP (Digital Video Broadcasting - Stream Transfer Protocol) is a standard protocol developed by the DVB consortium for the efficient and reliable distribution of broadcast digital data streams, such as digital television signals, digital radio and other multimedia services.️ DVBSTP is mainly used for transmitting data in IP (Internet Protocol) networks over asynchronous transmission networks. It provides mechanisms for error management, flow control and data recovery to ensure the integrity and quality of digital broadcasting services.️ ...

Description MetaTwo is an easy Hack The Box machine that features: SQL Injection in WordPress plugin WordPress Password Cracking WordPress Authenticated XXE Sensitive Data Exposure Passpie Password Manager Cracking Privilege Escalation Footprinting First, we are going to check with ping command if the machine is active and the system operating system. The target machine IP address is 10.10.11.186. $ ping -c 3 10.10.11.186 PING 10.10.11.186 (10.10.11.186) 56(84) bytes of data. 64 bytes from 10.10.11.186: icmp_seq=1 ttl=63 time=44.3 ms 64 bytes from 10.10.11.186: icmp_seq=2 ttl=63 time=43.7 ms 64 bytes from 10.10.11.186: icmp_seq=3 ttl=63 time=43.7 ms --- 10.10.11.186 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 43.661/43.890/44.300/0.290 ms The machine is active and with the TTL that equals 63 (64 minus 1 jump) we can assure that it is an Unix machine. Now we are going to do a Nmap TCP SYN port scan to check all opened ports. ...