UpDown

Hack The Box. Linux. Medium machine

13 minutes to read

This machine has a website that has a development directory and exposes a Git repository. Using this, we can find some functionality that is hidden except for developers and can be abused to get RCE after planning the attack and bypassing disable_functions in PHP. In the machine, there’s a SUID binary compiled out of a Python script, which can be abused with a library hijacking attack. Finally, the developer user is able to run easy_install with sudo, which leads to the privilege escalation

Amidst Us

Hack The Box. Challenges. Web

2 minutes to read

Python. Third-party dependencies. Code Injection. RCE

Down the Rabinhole

Hack The Box. Challenges. Crypto

6 minutes to read

Greatest Common Divisor. Modular arithmetic. PKCS7 padding

ElElGamal

Hack The Box. Challenges. Crypto

8 minutes to read

Traffic analysis. ElGamal. Modular arithmetic

Jenny From The Block

Hack The Box. Challenges. Crypto

3 minutes to read

Block cipher. Known plaintext attack. Induction. SHA256

Red Island

Hack The Box. Challenges. Web

4 minutes to read

SSRF. Path Traversal. Gopher protocol. Redis RCE

Space pirate: Entrypoint

Hack The Box. Challenges. Pwn

6 minutes to read

64-bit binary. Format String vulnerability. Local variable modification

Space pirate: Going Deeper

Hack The Box. Challenges. Pwn

6 minutes to read

64-bit binary. Buffer Overflow. Redirecting program execution

The Three-Eyed Oracle

Hack The Box. Challenges. Crypto

4 minutes to read

AES ECB oracle