Summary Luanne was the first NetBSD box on Hack The Box. Fuzzing landed us to Lua code injection to get a shell. We will get credentials for a webserver listening on localhost and find an SSH key hosted there to get to the second user. In the privilege escalation. Using netpgp…

Summary Fuse is a medium-level windows machine on Hack The Box. An initial foothold is gained by discovering an expired password that can get access to SMB shares and RPCClient. A user shell is obtained by enumerating the printer in RPCClient and determining a password used by one of the users…

Summary Blunder is a Linux easy-level box from Hack The Box. It consists of finding credentials using the cewl tool to log in to Bludit Portal. RCE exploits to gain an initial shell, then some database files can be read to get credentials for another user. …

Summary Blackfield is the Hack The Box Hard-Level box. We get login into smb shares and enumerated profiles$ shares. where we got lots of usernames. We used a kerberoasting attack on an active directory to obtain credentials. Then using rpcclient to change credentials for another user allowing us access to…

Summary Cache is the Hack The Box medium-level box. In the user part, we enumerated on port 80, the author’s page gave information of a new hostname that was running vulnerable OpenEMR. Username and password extracted using SQLMAP and a reverse shell were obtained as www-data after running. In the…

Summary OpenKeys is the Hack The Box medium level box. In the user part, we will enumerate port 80 and grab some authentication files. We will get authentication bypass CVE-2019–19521 vulnerability. In the root part, we will do CVE-2019–19520: Local privilege escalation via xlock. FootHold After the port scan, we…

Summary Tabby is the easy level box. In this writeup, I am going to show how I successfully exploited the tabby machine. In the user part, we grab the username and password using the LFI vulnerability. We will use the curl command to upload the reverse shell file on Apache Tomcat…

Unbalanced- Hack The Box Summary Unbalanced is the Hard level box on Hack The Box. The initial shell starts with Rsync and Squid proxy. We used Rsync to grab the backup files and decrypt the Encrypted Filesystem (EncFS) with encfs2john. After that crack the password to access the backup config files. In those files, we…

Buff- Hack The Box Summary Buff is the Hack the Box easy level machine. For the Initial shell part, we enumerated port 8080. We find a Gym Management CMS- remote code execution. In the root part box, we find CloudMe software running locally. Which is vulnerable to buffer overflow CVE- 2018–7886…