hackthebox.eu: OpenAdmin Walkthrough
Alex Alex

hackthebox.eu: OpenAdmin Walkthrough

A new easy Linux box with some new to me issues and an old privilege escalation to root. It was a fun one and reminded me of a few things that I ought to remember more quickly. It’s good to get a reminder of the basics sometimes.

SPOILERS AHEAD

Read More
hackthebox.eu: Traverxec Walkthrough
Alex Alex

hackthebox.eu: Traverxec Walkthrough

This was a fun “easy” Linux machine with some challenging enumeration, opportunities for cool new tools, and an old technique to gain a root shell done in a new way. I learned on this one that a step by step process is a good way to slow down if you’re not getting a result. When I took it a step at a time I had more success.

SPOILERS AHEAD

Read More
hackthebox.eu: Forest Walkthrough
Alex Alex

hackthebox.eu: Forest Walkthrough

Forest… an ‘easy’ Windows host with some Kerberos issues, an interesting WinRM path, and overly permissive DACL permissions. This one had some real challenges for me and the final step to root was a technique that I’ve not had hands-on with before. A great learning experience for sure!

SPOILERS AHEAD

Read More
hackthebox.eu: Postman Walkthrough
Alex Alex

hackthebox.eu: Postman Walkthrough

The Postman machine is a good example of a Redis cli vulnerability that leads to web dashboard access and a Webmin vulnerability. There are a couple of tricky spots in this machine and attention to detail is important to get through those spots. However there are very helpful blogs out there that can lead you through the process.

SPOILERS AHEAD

Read More
hackthebox.eu: Bitlab Walkthrough
Alex Alex

hackthebox.eu: Bitlab Walkthrough

Time for more hackthebox.eu machines. Bitlab is a medium Linux box running a version of Gitlab with some issues. Enumeration and looking at code was a factor in this box as well as some eventual basic reverse engineering of a Windows executable. This box pushed me out of my comfort zone in a lot of ways and was VERY satisfying when I finally got it.

Read More
hackthebox.eu: Wall Walkthrough
Alex Alex

hackthebox.eu: Wall Walkthrough

Back to the Wall with hackthebox.eu! This box was an interesting Linux box with some web app testing skills, some exploit code review and troubleshooting, and finally some Linux enumeration and exploit code moving for a comprehensive box. This was a challenge for sure and reminded me that I still have things to learn.

As always… spoilers ahead

Read More
hackthebox.eu: Heist Walkthrough
Alex Alex

hackthebox.eu: Heist Walkthrough

This is a fun and basic Windows box that provides a good opportunity to practice checking usernames and passwords as you go in addition to learning some cool new techniques using Windows sysinternals, Ruby, and BitsAdmin.

SPOILERS AFTER HERE

Read More
hackthebox.eu: SwagShop Walkthrough
Alex Alex

hackthebox.eu: SwagShop Walkthrough

This machine on Hack the Box was really fun. I have to admit I’m a lot more motivated when I have something I really want (like access to stickers) at the end. :)

HERE BE SPOILERS - YE BE WARNED

Read More
hackthebox.eu: Luke Walkthrough
Alex Alex

hackthebox.eu: Luke Walkthrough

My first medium level box. Hack the Box Luke. This one was fun, but honestly I feel like some of the ‘easy’ boxes had more steps. There was some discussion on the forums as well, but these things are pretty subjective. One hacker’s medium… blah blah blah.

SPOILERS INSIDE

Read More
hackthebox.eu: Bastion Walkthrough
Alex Alex

hackthebox.eu: Bastion Walkthrough

Windows networks are more my wheelhouse, just since I see mostly active directory during penetration tests. This was an interesting box with some good SMB issues and opportunities for learning on my part. There was also an interesting backup image network mount technique in here that I hope to use in the future.

SPOILERS AHEAD

Read More
hackthebox.eu: Netmon Walkthrough
Alex Alex

hackthebox.eu: Netmon Walkthrough

I’m really starting to like these Hack the Box machines! It’s good practice to have something you don’t know the exploit vector for and that you have to dig and research and figure out how it works before you get success. I’m also hoping that these notes can serve as a resource for techniques for me later. A “didn’t I do this before on htb?” kind of thing. You’d be surprised how often that happens in my day job.

SPOILERS AFTER HERE - as usual

Read More
hackthebox.eu: Irked Walkthrough
Alex Alex

hackthebox.eu: Irked Walkthrough

Time for another Hack the Box challenge! This time we’ll be taking on “Irked”. Hopefully that’s not foreshadowing and I’ll learn new techniques and tools again in another box.

SPOILERS ABOUND - YOU HAVE BEEN WARNED

Read More
hackthebox.eu: Jerry Walkthrough
Alex Alex

hackthebox.eu: Jerry Walkthrough

My first Hack the Box challenge! Taking on “Jerry”, mainly because I thought I knew what technology may be in play here based on the name and I felt that a nice easy on-ramp to these challenges would be a good place to start. I’m a big believer in momentum when it comes to hacking and thought processes so I like to engineer some early wins.

BIG SPOILERS IN THIS POST - YOU HAVE BEEN WARNED

Read More