Newsletter 05/09/2023
This machine has a Cacti service that is vulnerable to unauthenticated Remote Code Execution that grants access to a Docker container. Here we can find credentials in the database and reuse them for SSH on the host machine. Then, we find out that the Docker version is vulnerable to a CVE. To exploit this, we need to get root in the container and configure a SUID binary that will be executed from the host machine via directory traversal to escalate privileges.
64-bit binary. Heap exploitation. Integer overflow. Heap overflow. ret2libc
Recurrence relation. Telescoping series. LCG
Graph Encryption Scheme
1: Key leakage. Decryption
2: Single-Destination Shortest Path. Node degrees
3: Query recovery. Tree isomorphisms
CRC. Chinese Remainder Theorem. Brute force