Giter VIP home page Giter VIP logo

htb-write-up's Introduction

This is a page for my write-ups of Hack The Box machines

Contents

  • Every machine has its own folder were the write-up is stored.
  • In some cases there are alternative-ways, that are shorter write ups, that have another way to complete certain parts of the boxes.
  • If custom scripts are mentioned in the write up, it can also be found in the corresponding folder.
  • The file tables-of-boxes.md is similar to README.md but with more information:
    • Difficulty Rating on Hack The Box
    • State of my personal completion
    • Alternative way exists in this repository

More write-ups will come soon.

Searching through Write-Ups

Most commands and the output in the write-ups are in text form, which makes this repository easy to search though for certain keywords.

Clone the repository and go into the folder and search with grep and the arguments for case-insensitive (-i) and show the filename (-R).

Example: Search all write-ups were the tool sqlmap is used

grep -iR "sqlmap" */*.md

Example: Search all write-ups were CSRF is mentioned

grep -iR "csrf" */*.md

Example: Search all write-ups were port 8080 is open

grep -iR "8080/tcp" */*.md

Boxes

  • Cascade
    • Retired on 25th July 2020
    • OS: Windows
    • Tags: LDAP, .NET Binary Analysis, Active Directory Recycle Bin
  • Sauna
    • Retired on 18th July 2020
    • OS: Windows
    • Tags: Active Directory, AS-REP Roasting, BloodHound, DCSync, Pass-The-Hash
  • Book
    • Retired on 11th July 2020
    • OS: Linux
    • Tags: SQL Truncation, Logrotten (Logrotate Vulnerability)
  • Monteverde
    • Retired on 13th June 2020
    • OS: Windows
    • Tags: Password Spraying, Azure AD Connect
  • Nest
    • Retired on 6th June 2020
    • OS: Windows
    • Tags: Enumerating SMB Shares, Visual Basic Code Analysis, Alternate Data Streams, .NET Binary Analysis
  • Resolute
    • Retired on 30th May 2020
    • OS: Windows
    • Tags: Password Spraying, Active Directory, DNS Admin Vulnerability
  • Obscurity
    • Retired on 9th May 2020
    • OS: Linux
    • Tags: Python Code Analysis, Known-Plaintext Attack
  • OpenAdmin
    • Retired on 2nd May 2020
    • OS: Linux
    • Tags: CVE (OpenNetAdmin), Password Reuse
  • Control
    • Retired on 25th April 2020
    • OS: Windows
    • Tags: SQL Injection, PowerShell History, Windows Services
  • Mango
    • Retired on 18th April 2020
    • OS: Linux
    • Tags: MongoDB
  • Traverxec
    • Retired on 11th April 2020
    • OS: Linux
    • Tags: CVE (Nostromo), Password Cracking, journalctl
  • Registry
    • Retired on 4th April 2020
    • OS: Linux
    • Tags: Docker Registry, CVE (Bolt CMS), Restic
  • Forest
    • Retired on 21st March 2020
    • OS: Windows
    • Tags: Active Directory, Password Spraying, SMB Null Session Attack, AS-REP Roasting, DCSync
  • Postman
    • Retired on 14th March 2020
    • OS: Linux
    • Tags: Redis, CVE (Webmin)
  • Bankrobber
    • Retired on 7th March 2020
    • OS: Windows
    • Tags: Cross-Site-Scripting (XSS), SQL Injection, Cross-Site-Request-Forgery (CSRF), Server Exploitation
  • Scavenger
    • Retired on 29th February 2020
    • OS: Linux
    • Tags: SQL Injection, Whois, DNS Zone Transfer, Log and PCAP Analysis, Rootkit Reversing
  • Zetta
    • Retired on 22nd February 2020
    • OS: Linux
    • Tags: FTP Bounce Attack, IPv6, rsync, Rsyslog, SQL Injection, PostgreSQL
  • RE
    • Retired on 1st February 2020
    • OS: Windows
    • Tags: ODS Spreadsheet with Macros, CVE (WinRAR), Ghidra XXE Vulnerability
  • AI
    • Retired on 25th January 2020
    • OS: Linux
    • Tags: SQL Injection via Speech-To-Text, Java Debug Wire Protocol (JDWP)
  • Player
    • Retired on 18th January 2020
    • OS: Linux
    • Tags: JSON Web Token (JWT), FFmpeg Vulnerability, CVE (SSH), PHP Deserialization Vulnerability
  • Bitlab
    • Retired on 11th January 2020
    • OS: Linux
    • Tags: GitLab, Git Hooks, PostgreSQL, Windows Binary Analysis
  • Craft
    • Retired on 4th January 2020
    • OS: Linux
    • Tags: Gogs (Git), Searching through Code, HashiCorp Vault Token
  • Wall
    • Retired on 7th December 2019
    • OS: Linux
    • Tags: CVE (Centreon), Decompile Python Binary, Screen Vulnerability
  • Heist
    • Retired on 30th November 2019
    • OS: Windows
    • Tags: Cisco Password Cracking, Password Spraying, SID Brute-Force, Process Dump
  • Chainsaw
    • Retired on 23rd November 2019
    • OS: Linux
    • Tags: Solidity / Smart Contracts, InterPlanetary File System (IPFS), Slack Space
  • Networked
    • Retired on 16th November 2019
    • OS: Linux
    • Tags: Arbitrary File Upload, Cronjob, Code Execution through Network Scripts
  • Jarvis
    • Retired on 9th November 2019
    • OS: Linux
    • Tags: SQL Injection, phpMyAdmin
  • Haystack
    • Retired on 2nd November 2019
    • OS: Linux
    • Tags: Port forwarding, Elastic Stack
  • Safe
    • Retired on 26th October 2019
    • OS: Linux
    • Tags: Return-Oriented Programming (Buffer Overflow), KeePass database cracking
  • Ellingson
    • Retired on 19th October 2019
    • OS: Linux
    • Tags: Python Flask / Werkzeug, Shadow file, Binary Exploitation (ROP Chain)
  • Writeup
    • Retired on 12th October 2019
    • OS: Linux
    • Tags: CVE (CMS Made Simple), Relative path in Crontab
  • Ghoul
    • Retired on 5th October 2019
    • OS: Linux
    • Tags: Zip Slip Vulnerability, Docker, Pivoting, Gogs (Git), Git Hooks, SSH Agent Forwarding
  • SwagShop
    • Retired on 28th September 2019
    • OS: Linux
    • Tags: CVE (Magento)
  • Luke
    • Retired on 14th September 2019
    • OS: Linux
    • Tags: JSON Web Token (JWT), Ajenti
  • Bastion
    • Retired on 7th September 2019
    • OS: Windows
    • Tags: VHD files, mRemoteNG
  • OneTwoSeven
    • Retired on 31st August 2019
    • OS: Linux
    • Tags: Port forwarding, Advanced Packaging Tools (APT)
  • Unattended
    • Retired on 24th August 2019
    • OS: Linux
    • Tags: SQL Injection
  • Helpline
    • Retired on 17th August 2019
    • OS: Windows
    • Tags: CVE, ManageEngine ServiceDesk, Encrypted File System
  • Arkham
    • Retired on 10th August 2019
    • OS: Windows
    • Tags: LUKS encryption, Java payloads, UAC bypassing
  • Fortune
    • Retired on 3rd August 2019
    • OS: OpenBSD
    • Tags: SSL/TLS certificates
  • LeCasaDePapel
    • Retired on 27th July 2019
    • OS: Linux
    • Tags: SSL/TLS certificates
  • CTF
    • Retired on 20th July 2019
    • OS: Linux
    • Tags: One-Time-Pad, LDAP
  • FriendZone
    • Retired on 13th July 2019
    • OS: Linux
    • Tags: DNS Enumeration
  • Netmon
    • Retired on 29th June 2019
    • OS: Windows
    • Tags: CVE (PRTG Network Monitor)
  • Querier
    • Retired on 22nd June 2019
    • OS: Windows
    • Tags: MS SQL, GPO password
  • Help
    • Retired on 8th June 2019
    • OS: Linux
    • Tags: SQL Injection, Arbitrary File Upload
  • Sizzle
    • Retired on 1st June 2019
    • OS: Windows
    • Tags: SCF File Attack, Certificate Authority, Kerberoast, BloodHound, C2 Framework Covenant
  • Chaos
    • Retired on 25th May 2019
    • OS: Linux
    • Tags: Password reuse, IMAP, Restricted shell, Firefox passwords
  • Conceal
    • Retired on 18th May 2019
    • OS: Windows
    • Tags: SNMP, IKE/IPSec
  • Lightweight
    • Retired on 11th May 2019
    • OS: Linux
    • Tags: LDAP, Traffic sniffing, Linux capabilities
  • Irked
    • Retired on 27th April 2019
    • OS: Linux
    • Tags: Internet Relay Chat (IRC), Steganography
  • Teacher
    • Retired on 20th April 2019
    • OS: Linux
    • Tags: CVE (Moodle), Cronjobs
  • RedCross
    • Retired on 13th April 2019
    • OS: Linux
    • Tags: SQL Injection, Cross-Site-Scripting (XSS), Command Injection, CVE (Haraka), PostgreSQL, Buffer Overflow
  • Vault
    • Retired on 6th April 2019
    • OS: Linux
    • Tags: Pivoting, Port Forwarding, GPG
  • Curling
    • Retired on 30th March 2019
    • OS: Linux
    • Tags: Custom Word List, Nested encoding, cURL Configuration File
  • Frolic
    • Retired on 23rd March 2019
    • OS: Linux
    • Tags: Decoding different Encodings, CVE (playSMS), Binary Exploitation
  • Carrier
    • Retired on 16th March 2019
    • OS: Linux
    • Tags: Border Gateway Protocol (BGP) Hijack
  • Access
    • Retired on 2nd March 2019
    • OS: Windows
    • Tags: Microsoft Access Database, Stored Windows Credentials, Runas
  • Zipper
    • Retired on 23rd February 2019
    • OS: Linux
    • Tags: Zabbix, Systemd timer
  • Giddy
    • Retired on 16th February 2019
    • OS: Windows
    • Tags: SQL Injection, CVE (Ubiquiti UniFi Video), Bypass AppLocker & Anti-Malware
  • Ypuffy
    • Retired on 9th February 2019
    • OS: OpenBSD
    • Tags: LDAP, SSH Certificate Authority
  • Dab
    • Retired on 2nd February 2019
    • OS: Linux
    • Tags: Fuzzing, Memcached, SSH Enumeration, Reverse Engineering
  • SecNotes
    • Retired on 19th January 2019
    • OS: Windows
    • Tags: Cross-Site-Request-Forgery (CSRF)
  • Oz
    • Retired on 12th January 2019
    • OS: Linux
    • Tags: Web API, SQL Injection, Server Side Template Injection, Port Knocking, Docker (Portainer)
  • Mischief
    • Retired on 5th January 2019
    • OS: Linux
    • Tags: SNMP, IPv6, ICMP
  • Waldo
    • Retired on 15th December 2018
    • OS: Linux
    • Tags: Directory Traversal, Docker, Restricted bash, Linux capabilities
  • Active
    • Retired on 8th December 2018
    • OS: Windows
    • Tags: Active Directory, GPO password, Kerberoast
  • Hawk
    • Retired on 1st December 2018
    • OS: Linux
    • Tags: Drupal, Decrypt OpenSSL, H2 Java SQL Database
  • Jerry
    • Retired on 17th November 2018
    • OS: Windows
    • Tags: Tomcat WAR file
  • Reel
    • Retired on 10th November 2018
    • OS: Windows
    • Tags: Phishing, Active Directory, BloodHound
  • Dropzone
    • Retired on 3rd November 2018
    • OS: Windows
    • Tags: TFTP, Manage Object Format (MOF), Alternate Data Streams
  • Bounty
    • Retired on 27th October 2018
    • OS: Windows
    • Tags: IIS web.config, CVE
  • TartarSauce
    • Retired on 20th October 2018
    • OS: Linux
    • Tags: WordPress, Remote File Inclusion (RFI), Tar, Systemd timer
  • DevOops
    • Retired on 13th October 2018
    • OS: Linux
    • Tags: XML External Entity (XXE), Python pickle, Git
  • Sunday
    • Retired on 29th September 2018
    • OS: Solaris
    • Tags: Finger, Shadow file, Wget
  • Olympus
    • Retired on 22nd September 2018
    • OS: Linux
    • Tags: Xdebug, Decipher Wireless Traffic, Port Knocking, Docker
  • Canape
    • Retired on 15th September 2018
    • OS: Linux
    • Tags: Git, Python pickle, CouchDB, pip
  • Poison
    • Retired on 8th September 2018
    • OS: FreeBSD
    • Tags: Local File Inclusion (LFI), Log Poisoning, VNC
  • Stratosphere
    • Retired on 1st September 2018
    • OS: Linux
    • Tags: CVE (Apache Struts), Forward shell, Python module attack
  • Celestial
    • Retired on 25th August 2018
    • OS: Linux
    • Tags: Node.js Deserialization attack, Cronjobs
  • Silo
    • Retired on 4th August 2018
    • OS: Windows
    • Tags: Oracle Database, ODAT, Windows Memory Dump, Volatility, Pass-The-Hash
  • Valentine
    • Retired on 28th July 2018
    • OS: Linux
    • Tags: Heartbleed, tmux
  • Aragog
    • Retired on 21st July 2018
    • OS: Linux
    • Tags: XML External Entity (XXE), Local File Inclusion (LFI), WordPress configuration
  • Bart
    • Retired on 14th July 2018
    • OS: Windows
    • Tags: Log Poisoning, Autologon Credentials
  • Nibbles
    • Retired on 30th June 2018
    • OS: Linux
    • Tags: Nibbleblog (CMS)
  • Falafel
    • Retired on 23rd June 2018
    • OS: Linux
    • Tags: SQL Injection, PHP Type Juggling, Wget character length, Linux System Groups
  • Chatterbox
    • Retired on 16th June 2018
    • OS: Windows
    • Tags: CVE (AChat chat system)
  • CrimeStoppers
    • Retired on 2nd June 2018
    • OS: Linux
    • Tags: Local File Inclusion (LFI), PHP wrapper, Thunderbird, Reverse Engineering
  • Tally
    • Retired on 28th May 2018
    • OS: Windows
    • Tags: SharePoint, KeePass database cracking, MS SQL, Scheduled task
  • Jeeves
    • Retired on 19th May 2018
    • OS: Windows
    • Tags: Jenkins, KeePass database cracking, Alternate Data Streams
  • FluxCapacitor
    • Retired on 12th May 2018
    • OS: Linux
    • Tags: Web Application Fuzzing
  • Bashed
    • Retired on 28th April 2018
    • OS: Linux
    • Tags: Webshell
  • Ariekei
    • Retired on 21st April 2018
    • OS: Linux
    • Tags: Network Pivoting, ImageTragick, Shellshock, Docker
  • Inception
    • Retired on 14th April 2018
    • OS: Linux
    • Tags: Arbitrary File Read, WebDAV, Proxy connections, Host and guest system, Advanced Packaging Tools (APT)
  • Sense
    • Retired on 24th March 2018
    • OS: FreeBSD
    • Tags: CVE (pfSense), Bypassing character filter
  • Enterprise
    • Retired on 17th March 2018
    • OS: Linux
    • Tags: SQL Injection (WordPress), Joomla, Pivoting, Binary Exploitation
  • Kotarak
    • Retired on 10th March 2018
    • OS: Linux
    • Tags: Server Side Request Forgery (SSRF), Tomcat WAF file, ntds.dit Cracking, Pivoting, Wget Exploitation
  • Node
    • Retired on 3rd March 2018
    • OS: Linux
    • Tags: Node.js, ZIP password cracking, MongoDB, Binary Exploitation, Return-to-libc Attack
  • Mantis
    • Retired on 24th February 2018
    • OS: Windows
    • Tags: Domain Controller, Kerberos Forging Attack
  • Shocker
    • Retired on 17th February 2018
    • OS: Linux
    • Tags: CVE (Shellshock)
  • Mirai
    • Retired on 10th February 2018
    • OS: Linux
    • Tags: Default credentials
  • Shrek
    • Retired on 3rd February 2018
    • OS: Linux
    • Tags: Audio Steganography, Decrypting RSA key, Dangers of wildcards
  • SolidState
    • Retired on 27th January 2018
    • OS: Linux
    • Tags: Mail, Restricted bash
  • Calamity
    • Retired on 20th January 2018
    • OS: Linux
    • Tags: Audio Steganography, Exploiting LCX (Linux Containers)
  • Blue
    • Retired on 13th January 2018
    • OS: Windows
    • Tags: CVE (EternalBlue)
  • Nineveh
    • Retired on 16th December 2017
    • OS: Linux
    • Tags: Online Password Cracking, phpLiteAdmin, Port Knocking, chkrootkit
  • Blocky
    • Retired on 9th December 2017
    • OS: Linux
    • Tags: Java files
  • Europa
    • Retired on 2nd December 2017
    • OS: Linux
    • Tags: PHP Regular Expressions, Cronjobs
  • Apocalyst
    • Retired on 25th November 2017
    • OS: Linux
    • Tags: Custom Password Lists, WordPress
  • Holiday
    • Retired on 18th November 2017
    • OS: Linux
    • Tags: SQL Injection, Cross-Site-Scripting (XSS), Node Package Manager (npm)
  • Sneaky
    • Retired on 11th November 2017
    • OS: Linux
    • Tags: SNMP, IPv6, Binary Exploitation
  • Charon
    • Retired on 4th November 2017
    • OS: Linux
    • Tags: SQL Injection, RSA decryption, Binary Exploitation
  • Optimum
    • Retired on 28th October 2017
    • OS: Windows
    • Tags: CVE (HttpFileServer)
  • Grandpa
    • Retired on 21st October 2017
    • OS: Windows
    • Tags: WebDAV, CVE
  • Granny
    • Retired on 21st October 2017
    • OS: Windows
    • Tags: WebDAV, CVE
  • Devel
    • Retired on 14th October 2017
    • OS: Windows
    • Tags: CVE
  • Lazy
    • Retired on 7th October 2017
    • OS: Linux
    • Tags: Cookie bit flipping, Binary Analysis
  • Haircut
    • Retired on 30th September 2017
    • OS: Linux
    • Tags: Exploiting cURL, Screen command
  • Bank
    • Retired on 22nd September 2017
    • OS: Linux
    • Tags: DNS, Arbitrary File Upload
  • Joker
    • Retired on 22nd September 2017
    • OS: Linux
    • Tags: Proxy connections, Sudo exploit, Dangers of wildcards
  • Bastard
    • Retired on 16th September 2017
    • OS: Windows
    • Tags: Drupal, PHP serialization vulnerability
  • Beep
    • Retired on 1st September 2017
    • OS: Linux
    • Tags: Elastix PBX, Local File Inclusion (LFI), Shellshock
  • Brainfuck
    • Retired on 26th August 2017
    • OS: Linux
    • Tags: WordPress, Keyed Vigenere Cipher, RSA decryption
  • Cronos
    • Retired on 5th August 2017
    • OS: Linux
    • Tags: DNS, Web Exploitation, Laravel
  • Tenten
    • Retired on 16th July 2017
    • OS: Linux
    • Tags: CVE (WordPress), Steganography
  • Arctic
    • Retired on 7th July 2017
    • OS: Windows
    • Tags: CVE (Adobe Coldfusion)
  • October
    • Retired on 1st July 2017
    • OS: Linux
    • Tags: Binary Exploitation, Return-to-libc Attack
  • Popcorn
    • Retired on 25th June 2017
    • OS: Linux
    • Tags: Unrestricted File Upload, CVE
  • Legacy
    • Released on 15th March 2017
    • OS: Windows
    • Tags: CVE
  • Lame
    • Released on 14th March 2017
    • OS: Linux
    • Tags: CVE

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.