Newsletter 28/11/2023

This machine has a website that allows users to encrypt, decrypt and verify signatures using PGP. The website is vulnerable to SSTI in Flask, which is the way to access the machine as atlas. However, this environment is limited due to firejail, but we are able to find a plaintext password to log in as silentobserver via SSH. As this user, we are able to modify a Rust project that is used in another Rust project that runs periodically as atlas. With this power, we can get access as atlas again, but outside firejail. Finally, since firejail is a SUID binary, we can use a public exploit to become root.

ERC-721. ECDSA signature malleability

Smart Contract method call. Wrong parameter verification

AES CBC. Bit Flipping Attack. XOR

AES CTR. Stream cipher. XOR

Git enumeration. Base64 encoding

Bash. Base64