Linux

We enumerate users via the Finger protocol, beat a terminal-based Snake game to gain SSH access, and pivot through an internal subdomain using Phpsploit to escalate privileges via the ‘uv’ tool.

This writeup details the exploitation of web vulnerabilities on HackTheBox Magic, including SQL injection, path manipulation, and privilege escalation.

This writeup covers the enumeration and exploitation of Linux services and subdomains on HackTheBox BoardLight, focusing on web and DNS discovery for privilege escalation.

This writeup covers the enumeration and exploitation of Linux services on HackTheBox Cap, focusing on network capture analysis and credential discovery for privilege escalation.