DynamoDB & S3 Buckets – Bucket @ HackTheBox
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
We are going to solve Bucket, a medium Linux machine on HackTheBox. We get credentials from DynamoDB, upload a webshell to a local S3 bucket and at the end exploit an html to pdf converter.
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more
In this blog post, we will solve the Windows userland challenge that Blue Frost Security published for Ekoparty 2022. read more
Mango is a 30-point linux machine on hackthebox that involves a NoSQL-Injection which allows to obtain user passwords from a... read more
We are solving Forge, a medium difficulty Linux machine on HackTheBox which involves an SSRF & playing with the python... read more
Patents is a 40-point Linux machine on HackTheBox. For user we exploit an external entity injection in a word document... read more
Ethereal is a machine on hackthebox.eu that awards 50 points, the highest possible score/difficulty and requires some really fun techniques,... read more
Safe is an "easy" machine on hackthebox, involving a simple buffer overflow and cracking a keepass file. read more
This video is about Unobtainium, a 40-point Linux machine on HackTheBox. For user, we download an electron app and proxy... read more
We are solving Dynstr, a 30-point Linux machine on HackTheBox that involves a Dynamic DNS Service & a Command Injection. read more
This video is about Knife, a 20-point machine on HackTheBox that involves the zerodium php backdoor and using "sudo knife"... read more