• HackTheBox – Devel Writeup

    HackTheBox – Devel Writeup Today we are gonna solve the Devel machine from hackthebox. Devel is a windows machine released on 15 March 2017. There is ftp anonymous login enabled on the machine so we upload our payload and get a shell on the system. The privilege escalation is done by the infamous exploit KiTrap0D. […]

    5 min read February 25, 2022
  • TryHackMe – Ice Writeup

    TryHackMe – Ice Writeup Ice is a beginner level windows machine on tryhackme. The machine runs an Icecast Media Server on one of the ports. We exploit this service to gain a remote shell on the machine. The privilege escalation is done with bypassuas_eventvwr exploit and by exploiting the SeTakeOwnershipPrivilege to gain system on the […]

    2 min read February 17, 2022
  • HackTheBox – Irked Writeup

    HackTheBox – Irked Writeup Irked is a beginner level ctf based machine released on 17 November 2018. The machine has an UnrealIRCD server running which is vulnerable to backdoor command execution and we then hijack an SUID binary to gain root access on the machine. This machine also gives a little introduction on steganography. The […]

    4 min read February 1, 2022
  • HackTheBox – Jerry Writeup

    HackTheBox – Jerry Writeup Today we are gonna solve Jerry from hackthebox.eu. It is a beginner level windows machine released on 30 July 2018 Connecting to HTB Vpn: First, we have to connect to hackthebox vpn to get access to the machine. The vpn file can be downloaded from the access page of hackthebox. We […]

    4 min read January 27, 2022
  • HackTheBox – Lame Writeup

    HackTheBox – Lame Writeup Today we are gonna solve the Lame machine from hackthebox. Lame is a Linux machine released on 14 March 2017. In the difficulty level, it is rated as an easy machine. We exploit a vulnerability in the smb port to gain direct root access. Let’s get started. Connecting to HTB Vpn: […]

    2 min read January 18, 2022
  • HackTheBox – Legacy Writeup

    HackTheBox – Legacy Writeup Today we are gonna solve Legacy from hackthebox.eu. Legacy is an easy windows machine residing at the ip address 10.10.10.4 released on 15 July 2017. We use the exploit MS08-067 to attack this machine and gain system access. This machine is also vulnerable to MS17-010 Eternal Blue exploit. Connecting to HTB […]

    2 min read January 10, 2022
  • HackTheBox – Sense Writeup

    HackTheBox – Sense Writeup Sense is a beginner level FreeBSD machine released on 21 October 2017. The machine resides at 10.10.10.60. It has a webserver running pfsense firewall which has a remote code execution vulnerability. This vulnerability gives us direct root access into the machine. Connecting to HTB Vpn: 1] First download the vpn file […]

    3 min read October 26, 2021
  • TryHackMe Tomghost-Writeup

    TryHackMe Tomghost-Writeup Tomghost is a beginner level machine from tryhackme. The machine is focused on teaching about the famous Apache Jserv exploit Ghostcat. We use Ghostcat LFI exploit to gather ssh credentials and gain access to the machine. The machines also has some pgp encryption files for us to crack and the final root access […]

    2 min read October 21, 2021
  • TryHackMe Simple CTF-Writeup

    TryHackMe Simple CTF-Writeup Simple CTF is a beginner level machine on TryHackMe. The machine has a webserver, a FTP server and a ssh service running. The webserver has an installation of CMS Made Simple 2.2.8 which is vulnerable to SQLi . This SQLi is used to gain credentials of the ssh user and the sudo privileges […]

    2 min read October 18, 2021
  • TryHackMe Sudo Buffer Overflow-Writeup

    TryHackMe Sudo Buffer Overflow-Writeup Sudo Buffer Overflow is a beginner level Linux machine on TryHackMe. The machine teaches us about vulnerabilities in sudo command. The machine is running sudo < 1.8.26 which is vulnerable to Buffer Overflow exploit if password feedback is turned on. In this machine, the password feedback is turned on so we […]

    2 min read October 16, 2021