htb

Ready was a medium box running a Gitlab instance with a direct exploit. Even though it was a medium box, the exploitation was straightforward from user to root. The root section might tangle a bit if you are not aware of the environment you are in. The initial phase of the Nmap scan gave two ports. There was no port 80 but port 5080 was running Nginx, hence jumping straight to the IP without a Nmap scan is not a good approach, because there might be webservers running in different ports like for this box and new hosts that are specific to the machines (ex: machinename....

Laboratory was an easy machine with a direct exploit for the user,but it was hard to exploit in terms of stability. The user shell was clumsy and the git instance returned 502 in between the exploit phase.It had GitLab instance running as a vhost and that was the reason for the name. Dexter from the animated series “Dexter’s Laboratory” was the CEO of the laboratory. The exploit was similar to a currently active box....

Time was a medium box and it might end up as a hard box if you are not good at reading the output and the errors. This box has no connection with time privilege escalation but it has a similarity. It had an Apache server hosting a PHP website. Nmap scan for time had only two ports,80 & 22. The versions seemed to be stable without any potential vulnerabilities. Nmap scan gave a hint it might be something related to JSON....

Luanne was the fifth and final single taken from album 4 by the band Foreigner, Luanne is the niece-in-law of Hank Hill from the animated series King of the Hill and many more. Even though Luanne has a few things to cover on the internet this box has nothing to do with any of it. One thing that sticks with Luanne was Lua. As always Nmap was done and it was a confusing result....

Academy has nothing to do with academics. It was just another box with a couple of frustrating moments. The UI maintained a clone of HTB Academy and it is another segment in HTB for the learners. The initial phase is always a Nmap scan and that was done, it gave two open ports. Nmap scan report for academy.htb (10.10.10.215) Host is up (0.19s latency). PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8....