A tricky machine where we had to phish the administrator to obtain the credentials using tabnabbing technique. Next exploiting sentry application to execute command injection. Third Stage is to rev...
Previse HTB
An easy box with an unvalidated redirection vulnerability, access to registration page and dump the file sitebackup.zip and exploit a post parameter to get remote code execution on the machine. Use...
Writer HTB
A very good box with a good knowledge on how postfix filters work and ubuntu apt installer.
Pikaboo HTB
A very tough box with a good knowlege of webservers and perl scripting and a bit of code workthrough.
Intelligence HTB
Windows Active Directory Box
BountyHunter HTB
Fairly Easy box with a knowledge of XXE and code analysis.
Building a C2 that will bypass ASMI
Chaining the Windows trusted binary, FodHelper, for UAC bypass together with the ability to rewrite registry keys will safely disable ASMI allowing a PowerShell reverse shell.
Year of the Rabbit - TryHackMe
Year of the Rabbit - TryHackMe was an easy box with lot of rabbit holes as the box name indicates can make you frustrate.