easy - R:Null's hacky things

HTB - Litter

a year ago 4 min read sherlocks blue team soc dns tunneling easy writeup

Scenario Khalid has just logged onto a host that he and his team use as a testing host for many different purposes, it’s off their corporate network but has access to lots

HTB - Previse Write-up

3 years ago 7 min read hackthebox easy php exec PATH abuse indirect reference

Rated Easy by HackTheBox and created by m4lwhere, we discover vulnerabilities in exposing protected pages and sensitive data, unsanitised inputs and dangers in relative pathing.

HTB - BountyHunter Write-up

3 years ago 6 min read hackthebox xxe python eval writeup easy

Rated Easy by HackTheBox and created by ejedev, we discover XML External Entity (XXE) and Python eval() function vulnerabilities.

HTB - Cap Write-up

3 years ago 3 min read hackthebox easy writeup capabilities python

Rated Easy from HackTheBox, created by InfoSecJack. We learn about keeping sensitive information on webservers and dangers of Python's SETUID Capabilities.

HTB - Knife Write-up

3 years ago 4 min read hackthebox easy php knife ruby writeup

Rated Easy by HackTheBox, created by MrKN16H. Through this machine, we learn about a vulnerability in PHP 8.1.0-dev, the importance of managing user privileges and securing sudoers.