Posts
fieldraccoon

Cyborg was a box that I made for TryHackMe. It involved cracking a hash located on the web server. Then, using those credentials, we extracted a borg archive which then revealed credentials for SSH. ...

Setup: The idea of me making this machine was to learn how it works, the setup process. Making something vulnerable and eventually how to submit and export my image to the platforms. This box consis...

Blackfield was a really interesting hard Windows box which involved a kerberoasting attack on Active Directory to obtain credentials. Then using rpcclient to change credentials for another user allo...

Travel was a fun box that involved injecting a PHP serialized object into memcache via SSRF and exploiting a WordPress plugin SimplePie to unserialize our arbitrary code. We then enumerate database...

Magic was a medium Linux machine that involved SQL injection to get access to an image upload feature. We upload our malicious image to get a shell on the target system. Enumerating for credentials...

Oouch, in my opinion, is one of the best ever Hack The Box machines that I have played and completed; it is also said to be one of the most realistic machines on Hack The Box. Most of the user partio...

Cascade was a medium Windows box that involved enumeration of SMB shares and LDAP to locate a password for another user. Reversing files revealed an IV and a key for AES decryption which then revealed...

Sauna was an easy Linux box that involved web enum in order to get a username and then using GetNPUsers.py to get a password. Root involved dumping hashes with a password gained from windows regis...

Book was a medium Linux machine that involved using Burp Suite with an SQL truncation attack and then required XSS to reveal an SSH key in the form of a PDF. Root was a simple exploit involving log ...

Europa was a medium Linux box that required an SQL injection to bypass login, followed by a reverse shell in the place of parameters using Burp Suite. Root involved enumeration of a cronjobs file bei...