HackTheBox: Sau

Sau is an Easy Difficulty Linux machine that features a Request Baskets instance that is vulnerable to Server-Side Request Forgery (SSRF) via CVE-2023-27163. Leveraging the vulnerability we are to gain access to a Maltrail instance that is vulnerable to Unauthenticated OS Command Injection, which allows us to gain a reverse shell on the machine as puma. A sudo misconfiguration is then exploited to gain a root shell.

August 14, 2025 · 3 min · Bhav Goyal

HackTheBox: Voleur

This writeup covers an assumed breach scenario on HackTheBox Voleur, involving Kerberos ticket authentication, DPAPI secret extraction from archived user profiles, targeted Kerberoasting, and NTDS dump via WSL to achieve domain administrator access.

August 14, 2025 · 5 min · Bhav Goyal

HackTheBox: Certified

This writeup covers the assumed breach scenario for HackTheBox Certified, demonstrating enumeration, privilege escalation, and exploitation of Active Directory and ADCS vulnerabilities to achieve domain administrator access.

August 11, 2025 · 3 min · Bhav Goyal

HackTheBox: Aero

This writeup demonstrates enumeration and exploitation of Windows services on HackTheBox Aero, including web and network service attacks.

July 30, 2025 · 2 min · Bhav Goyal

HackTheBox: Jeeves

This writeup covers the exploitation of Jenkins and Windows services on HackTheBox Jeeves, including reverse shell generation and privilege escalation.

July 10, 2025 · 3 min · Bhav Goyal