Python implementation of ‘Username’ map script’ RCE Exploit for Samba 3.0.20 < 3.0.25rc3 (CVE-2007-2447).
Tomcat is a very popular ‘web container’ software. This box teaches one of the vulnerabilities that can be used for RCE using Tomcat’s manager.
This machine is more about teaching a single exploit rather than usual HTB process. It is still fun and enjoyable!
Cronos begins with a simple DNS enumeration to find a hidden subdomain with a login page. Then we exploit SQL and command injection vulnerabilities to get a shell. This machine requires knowledge of how cron jobs work to get root. Easy and fun machine!
Tenten starts with very basic enumeration, but it very quickly becomes an interesting box. It requires knowledge of how to use and edit exploits and combines it with thinking outside the box. After a very fun user, I was a bit disappointed with the simplicity of escalation to root, but it was still an enjoyable experience.
Shocker reminded me of my first days in cybersecurity. It is vulnerable to Shellshock which was my first ever vulnerability that I’ve exploited. Root part is as simple as knowing how to spawn a shell using Perl.
Popcorn is a very simple box. It starts with simple file upload restrictions bypass to get user and uses a very interesting exploit to get root. Summary Find http://10.10.10.6/torrent/ directory. Create an account and upload any torrent. Bypass upload restriction while uploading your php shell as a screenshot. Find /home/george/.cache/motd.legal-displayed and exploit it to get … Continue reading [HackTheBox] Popcorn
Mirai was a very fun box! It requires thinking outside the box and compiling all information you have to guess some credentials. The root part requires knowledge of how Linux handles external devices to complete.
Bank is an easy machine. It requires some scripting and basic Linux enumeration skills to complete.
Blocky teaches us not to reuse our credentials everywhere. It begins with a simple enumeration. Then we have to decompile some jars. Finally, it ends with the simplest and easiest Linux enumeration. Still fun!