XSS, Deserialization & SeImpersonate – Cereal @ HackTheBox
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in a .NET web app. For root, we exploit SeImpersonate.
We are solving Cereal, a 40-point machine on HackTheBox. For user, we will exploit a pretty tricky deserialization vulnerability in a .NET web app. For root, we exploit SeImpersonate.
We are going to solve Ready, a 30-point machine on HackTheBox. For user, we exploit the "Import Repo by URL"... read more
Solving Passage on HackTheBox. This is an easy box involving 2 public exploits, one for the CuteNews CMS and one... read more
In this video, we are going to solve Jellyfish, a medium difficulty box from TryHackMe, which involves exploiting a PHP... read more
Traverxec is a 20-point machine on hackthebox that involves using a public exploit on the nostromo webserver, cracking the passphrase... read more
We will solve Attended, a 50-point machine on HackTheBox. For user, we will be sending some emails back and forth... read more
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden... read more
My video about Spectra, a 20-point machine on HackTheBox that involves admin access to a WordPress site, allowing us to... read more
Using the hill cipher cracking theorem to solve the ctf challenge. read more
Redcross is a machine on hackthebox.eu, featuring sql injection, cookie reuse and a nice binary exploitation challenge, which I enjoyed... read more