Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for user and path hijacking on a setuid binary for root.
Bankrobber is a 50-point machine on hackthebox that involves exploiting a cross site scripting vulnerability to gain access to an... read more
Patents is a 40-point Linux machine on HackTheBox. For user we exploit an external entity injection in a word document... read more
APT is a 50-point machine on HackTheBox which involves getting the IPv6 Address via MS-RPC, credential spraying, and reading the... read more
Buff is a 20-point Windows Machine on HackTheBox, created by egotisticalSW. It involves 2 simple public exploits and forwarding a... read more
Carrier is a nice, medium difficulty machine on hackthebox.eu featuring information retrieval via snmp, command injection and bgp hijacking. The... read more
Bastion is an easy 20 points machine on hackthebox. It is about mounting a .vhd file over the network, retrieving... read more
We are solving Vault from PG Practice. This machine involves planting malicious files on an SMB share to steal hashes.... read more
Postman is a 20-point machine on hackthebox, that involves using redis to write an ssh key to disk, cracking the... read more
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in... read more
SwagShop is a very easy machine on hackthebox, involving a public exploit and sudo abuse. read more