DNS Rebinding, XSS & 2FA SSH – Crossfit2 @ HackTheBox
We are solving Crossfit2, a 50-point OpenBSD machine on HackTheBox.
We will solve Attended, a 50-point machine on HackTheBox. For user, we will be sending some emails back and forth and then appending a payload that exploits a Vim RCE, followed by adding a malicious SSH config. For root, we will exploit a custom OpenBSD binary that is used as...
Fortune is a 50-point machine on hackthebox.eu featuring OpenBSD. I was lucky enough to get first blood on this box thanks to my team at the time, p0l1T3am, and especially ykataky. Techniques required in Fortune are the creation and signing of public keys, using client certificates, NFS shares and PostgreSQL/pgAdmin4.
Ypuffy is a rather unique machine on hackthebox.eu because it features OpenBSD as its operating system. In my version of getting root, it unfortunately didn't matter too much, because a public kernel exploit gave root quite easily. Ypuffy features LDAP and SMB enumeration and then the application of a public exploit for OpenBSD.