Hack The Box Hack the Box : Passage It took a loooong time to find flags as I went through lots of files.linpeas.sh is great, but there's just so many files... 2022.08.29 Hack The Box
Hack The Box Hack the Box : Ransom Spent about an hour on Cookie, hoping to bypass authentication somehow.Then hacktrick.xyz gave me a hint.Still took some... 2022.08.27 Hack The Box
Hack The Box Hack the Box : BountyHunter XML external entity injection again (NodeBlog).eval exploit is fun.01:12 Check for XXE vulnerabilityXEE_Payload01:39 gob... 2022.08.26 Hack The Box
Hack The Box Hack the Box : NodeBlog Encoding payload part was hard.URL encode, changing some special characters, base64...00:47 NoSQL injection01:20 XML ext... 2022.08.25 Hack The Box
Hack The Box Hack the Box : Secret Reading coredump was fun, but reading long linpeas.sh result was pain.To get coredump, I learned about kill option.02:57... 2022.08.23 Hack The Box
Hack The Box Hack the Box : Pandora snmp-check returned many, so I first missed user & password and proceed with snmpwalk.Finding a tiny info from vast outp... 2022.08.22 Hack The Box
Hack The Box Hack the Box : Shibboleth Multiple vulnerabilities.There's so many things included, spent many hours working on things did not lead to flags.Still... 2022.08.21 Hack The Box
Hack The Box Hack the Box : BackendTwo You need to read python codes and find where the files are.Fun Box!Now I'm using a sever with 4GB memory, as 2GB memory ... 2022.08.20 Hack The Box
Hack The Box Hack the Box : Unicode JWK Spoofing, Directory traversal, Unicode normalization, Use /proc to gather info...Many elements. Much fun.It took me ... 2022.08.16 Hack The BoxSpoofing
Hack The Box Hack the Box : Undetected Reading C codes was hard.00:45 PHP Unit vulnerability found01:14 Modify request on Burp Suite to show phpinfo() Content-... 2022.08.14 Hack The BoxReverse Engineering