-
Explore Writeup [HTB]
Explorer is an Android based machine that was active since June 26th of 2021 to October 30th, on this machine we will exploit a vulnerability on an application running in the device to be able to list and download files inside of it, get a file with credentials and access...
-
dynstr Writeup [HTB]
Dynstr is a Linux based machine that was active since June 12th of 2021 to October 16th, we will find a service for giving dynamic DNS, just like noip and who claim to use the same API, testing it we find out that it is vulnerable to command injection, bypass...
-
Monitors Writeup [HTB]
Monitors is a Linux based machine that was active since April 24th of 2021 to October 9th, on this machine we will use a Local File inclusion vulnerability to get some credentials and enumerate subdomains available on the machine, with this credentials we will have access to a Cacti instance...
-
Cap Writeup [HTB]
Cap is a Linux based machine that was active since June 5th of 2021 to October 2nd, on this machine we will find a packet capture file where we will find some credentials for the machine, connect with them through SSH, and find that python3 has setuid privilege, using it...
-
Pit Writeup [HTB]
Pit is a Linux based machine that was active since May 15th of 2021 to September 25th, on this machine we will get some useful information from SNMP, but we will need to search out of the common OID tree that snmpwalk searches by default, with that information we will...