HTB | Breadcrumbs

Breadcrumbs was a hard box with crumbs to connect. This box had an LFI, source code review, and upload bypass for user shell. The upload bypass was easy as pie, but the road had miles to go. The Root privilege escalation was tricky to achieve. As always Nmap was done and responded with lots of open ports Nmap scan report for 10.10.10.228 Host is up (0.19s latency). Not shown: 987 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH for_Windows_7....

HTB | Ophiuchi

Ophiuchi has no connections with the constellation Ophiuchus, it was a medium box with a YAML parser. It shared similarities with the machine Time in terms of the exploitation to provide the initial shell and raced to root via web assembly. The root section was an irksome task dealing with the compiling. The first enumeration is always a Nmap, and it identified two accessible ports. Nmap scan report for 10.10.10.227 Host is up (0....

HTB | Spectra

Spectra was an easygoing box, that joined the dots along the way, but it can be ranked as a medium box in terms of the process involved. The box had an admissible MySQL port, that was not witnessed commonly in hackthebox. Initial shell was achieved using WordPress shell upload.The privilege escalation was done via initctl that had sudo privileges. The Nmap scan gave three ports, in which the MySQL port stood out as unique....

HTB | Tenet

Tenet was a medium box running WordPress, for the few users it might be a hard box because the user shell was exploiting a PHP deserialization. The privilege escalation was not complicated as the user shell. Tenet means “a principle or belief, especially one of the main principles of a religion or philosophy.” The box had a historical connection that has been mentioned at the end of this writeup. The initial phase of the Nmap scan gave two ports....

HTB | Scriptkiddie

Scriptkiddie was an easy box with a Metasploit installation and a Metasploit exploit to start with. Easy boxes are always made with a CVE and the exploitation as a user was trivial. Metasploit is regarded as a script kiddie tool since it does not teach you anything rather than running automated exploits, but it comes in handy when you have to perform pivoting or testing on misconfigured NFS. Personally, it is a nifty tool that is very useful when exploits are breaking and compiling becomes a pain....