I publish here my write-ups on Root-Me, HackTheBox or other machines. Write-ups are small articles that detail how an attacker solves a CTF (a cyber security challenge). Enjoy reading them! 😉
cestoliv, il y a 1 an, lun. 27 mars 2023
Investigation - HackTheBox Machine
A vulnerability in ExifTool allows a reverse shell, and the analysis of a binary allows a privilege escalation
cestoliv, il y a 3 ans, ven. 8 oct. 2021
BountyHunter - HackTheBox Machine
An XEE vulnerability in a form will allow us to read the connection script to the database and retrieve the identifiers
cestoliv, il y a 3 ans, lun. 27 sept. 2021
Explore - HackTheBox Machine
A vulnerability in the Android ES File Explorer application allows us to access the smartphone's file system. Then ADB will allow us to take control of it.
cestoliv, il y a 3 ans, jeu. 23 sept. 2021
Cap - HackTheBox Machine
The traffic analysis with Wireshark will allow us to find FTP identifiers. Then it's a simple python privilege escalation that will give us the control of the machine.