Sau is an Easy Difficulty Linux machine that features a Request Baskets instance that is vulnerable to Server-Side Request Forgery (SSRF) via CVE-2023-27163. Leveraging the vulnerability we are to gain access to a Maltrail instance that is vulnerable to Unauthenticated OS Command Injection, which allows us to gain a reverse shell on the machine as puma. A sudo misconfiguration is then exploited to gain a root shell.
This writeup covers the assumed breach scenario for HackTheBox Certified, demonstrating enumeration, privilege escalation, and exploitation of Active Directory and ADCS vulnerabilities to achieve domain administrator access.
This writeup demonstrates enumeration and exploitation of Windows services on HackTheBox Aero, including web and network service attacks.
This writeup covers the exploitation of Jenkins and Windows services on HackTheBox Jeeves, including reverse shell generation and privilege escalation.
This writeup describes the exploitation of FTP and web services on HackTheBox Netmon, including anonymous access and privilege escalation.