Hack the Box: Perfection Writeup
Summary: To gain a foothold on the machine, we exploited an SSTI vulnerability in the web app. Subsequently, we discovered an email detailing the password pattern along with some hashes.…
HackTheBox
Hack the Box: Analytics Writeup
Summary: In our approach to solving this box, we first gained access to the machine by exploiting a pre-authentication Remote Code Execution (RCE) vulnerability found in Metabase. After that, we…
Hack the Box: DevVortex Writeup
Summary: To root this box, we need to use a Joomla vulnerability (CVE) to get credentials and access the Dashboard. Once inside, we’ll modify the template to secure a shell…
Hack the Box: Sau Writeup
Summary: Taking advantage of a flaw in Maltrail (v0.53) allows for the potential execution of remote commands on the specified machine. This could subsequently result in privilege escalation, particularly in…