JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
We are solving TheNotebook, a 30-point Machine on HackTheBox where we’ll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
Acute is a 40-point Active Directory Windows machine on HackTheBox. I'm going to use it to show some techniques which... read more
Traverxec is a 20-point machine on hackthebox that involves using a public exploit on the nostromo webserver, cracking the passphrase... read more
This post is about hackback, a really interesting and challenging machine that was released on 23.02.19 on hackthebox.eu. Techniques used... read more
Rope is a 50-point machine on HackTheBox that involves 3 binary exploits. There is a format string vulnerability in the... read more
Arkham was a surprisingly hard box for the 30 points that were awarded for it, as I was struggling quite... read more
Nest is a 20-point Windows machine on HackTheBox that involves searching through smb shares and analyzing 2 short custom programs. read more
Sniper is a 30-point machine on HackTheBox that involves abusing a remote file inclusion and uploading a crafted chm file... read more
Ghoul is a nice 40 points machine on hackthebox involving zip traversal, lateral movement, public exploits and some obscure hidden... read more
Solving Luanne on HackTheBox. This is an easy 20-point machine involving a simple command injection and some password cracking. read more
Carrier is a nice, medium difficulty machine on hackthebox.eu featuring information retrieval via snmp, command injection and bgp hijacking. The... read more