-
Seal Writeup [HTB]
Seal is a Linux based machine that was active since July 10th of 2021 to November 13th, on this machine we will access to a gitbucket instance which contains the configuration files of the webpage running on the machine, we will retrieive information about blocked pages by Nginx through ssl...
-
Explore Writeup [HTB]
Explorer is an Android based machine that was active since June 26th of 2021 to October 30th, on this machine we will exploit a vulnerability on an application running in the device to be able to list and download files inside of it, get a file with credentials and access...
-
dynstr Writeup [HTB]
Dynstr is a Linux based machine that was active since June 12th of 2021 to October 16th, we will find a service for giving dynamic DNS, just like noip and who claim to use the same API, testing it we find out that it is vulnerable to command injection, bypass...
-
Monitors Writeup [HTB]
Monitors is a Linux based machine that was active since April 24th of 2021 to October 9th, on this machine we will use a Local File inclusion vulnerability to get some credentials and enumerate subdomains available on the machine, with this credentials we will have access to a Cacti instance...
-
Cap Writeup [HTB]
Cap is a Linux based machine that was active since June 5th of 2021 to October 2nd, on this machine we will find a packet capture file where we will find some credentials for the machine, connect with them through SSH, and find that python3 has setuid privilege, using it...