Open Source HackTheBox Writeup
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
Posts by Tag
- Hackthebox 14
- CTF 7
- SSRF 3
- Port forwarding 2
- JWT 2
- XSS 2
- port-forwarding 2
- sql-injection 2
- Jekyll 1
- RCE 1
- path poisoning 1
- chisel 1
- SSTI 1
- PGP Decrypting 1
- print nigthmare 1
- scf attacks 1
- evil-winrm 1
- rce 1
- API 1
- SUID 1
- core-dump 1
- ipmi 1
- maria-DB 1
- zabbix 1
- SQL injection 1
- python 1
- wordpress 1
- Waste 1
- directory Traversal 1
- gdb server 1
- screen 1
- TryHackme 1
- windows-privesc 1
- html injection 1
- directory-traversal 1
- decompile-binary 1
- IDOR 1
- snmp 1
- Path-Poisoning 1
- Vulnhub 1
- tab-nabbing 1
- phishing 1
- vim 1
- apk 1
- adb 1
- sudo-exploit 1
- ssti 1
- Active-directory 1
- LAPS 1
- pfx 1
- git 1
- docker 1
- CSP 1
Hackthebox
Timelapse Hackthebox writeup
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
Routerspace Hackthebox writeup
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
Pandora Hackthebox writeup
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
Unicode Hackthebox writeup
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
Backdoor Hackthebox writeup
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
Shibboleth Hackthebox writeup
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
Secret Hackthebox writeup
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
Devzat Hackthebox writeup
In this Hackthebox we will get a user access through a command injection in a vhost , then will make port forwarding to find a service that will give us the ...
Driver Hackthebox writeup
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
Bolt Hackthebox writeup
In this Hackthebox we will go analyze a docker img files and from there will find some juicy stuff will help us login to a vhost “demo” which has some functi...
Horizontall Hackthebox writeup
we got low-privilege access due to Vulnerable version of strapi CMS then got root access because of the Vulnerable Version of Laravel. main techniques used a...
Forge Hackthebox writeup
detailed writeup for retired machine Forge From Hackthebox
Previse Hackthebox writeup
In this Writeup you will find walkthrough of the retired machine previse From Hackthebox
CTF
JustCTF Extra Safe Security Layers writeup
This Challenge is about exploiting cross site scripting with a strict CSP in place along with XSS Santizer and other restrictions , the interesting part in t...
meme generator challenge writeup
This challenge was in Blackhat CTF Qualifications 2022 and we have participated under the team 0xCha0s, we have managed to solve multiple challenges. this ch...
kenzy challenge Writeup
CTF name AWG 2022 challenge kenzy category web ...
Flushed Emoji challenge Writeup
Lexington Informatics Tournament CTF CTF 2022 was held from the 22nd of July Until the 25th of the month , and we have participated under the team 0xcha0s, w...
Kryptos Support challenge Writeup
HTB Cyber Apocalypse CTF 2022 was held from the 14th of May Until the 19th of the month , and we have participated under the team 0xcha0s, we have managed to...
Hacker Ts challenge writeup
Nahamcon ctf 2022 was held from the 28th of April Until the 30th of the month , and we have participated under the team 0xcha0s. this challenge idea was pret...
SQL Tutor challenge writeup
DCTF 2022 was held from the 15th of April Until the 17th of the month , and we have participated under the team 0xcha0s, we have managed to solve multiple ch...
SSRF
meme generator challenge writeup
This challenge was in Blackhat CTF Qualifications 2022 and we have participated under the team 0xCha0s, we have managed to solve multiple challenges. this ch...
Hacker Ts challenge writeup
Nahamcon ctf 2022 was held from the 28th of April Until the 30th of the month , and we have participated under the team 0xcha0s. this challenge idea was pret...
Forge Hackthebox writeup
detailed writeup for retired machine Forge From Hackthebox
Port forwarding
Devzat Hackthebox writeup
In this Hackthebox we will get a user access through a command injection in a vhost , then will make port forwarding to find a service that will give us the ...
Horizontall Hackthebox writeup
we got low-privilege access due to Vulnerable version of strapi CMS then got root access because of the Vulnerable Version of Laravel. main techniques used a...
JWT
Unicode Hackthebox writeup
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
Secret Hackthebox writeup
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
XSS
JustCTF Extra Safe Security Layers writeup
This Challenge is about exploiting cross site scripting with a strict CSP in place along with XSS Santizer and other restrictions , the interesting part in t...
Kryptos Support challenge Writeup
HTB Cyber Apocalypse CTF 2022 was held from the 14th of May Until the 19th of the month , and we have participated under the team 0xcha0s, we have managed to...
port-forwarding
Open Source HackTheBox Writeup
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
Pandora Hackthebox writeup
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
sql-injection
kenzy challenge Writeup
CTF name AWG 2022 challenge kenzy category web ...
Flushed Emoji challenge Writeup
Lexington Informatics Tournament CTF CTF 2022 was held from the 22nd of July Until the 25th of the month , and we have participated under the team 0xcha0s, w...
Jekyll
Alferd
In this room, we’ll learn how to exploit a common misconfiguration on a widely used automation server(Jenkins - This tool is used to create continuous integr...
RCE
Previse Hackthebox writeup
In this Writeup you will find walkthrough of the retired machine previse From Hackthebox
path poisoning
Previse Hackthebox writeup
In this Writeup you will find walkthrough of the retired machine previse From Hackthebox
chisel
Horizontall Hackthebox writeup
we got low-privilege access due to Vulnerable version of strapi CMS then got root access because of the Vulnerable Version of Laravel. main techniques used a...
SSTI
Bolt Hackthebox writeup
In this Hackthebox we will go analyze a docker img files and from there will find some juicy stuff will help us login to a vhost “demo” which has some functi...
PGP Decrypting
Bolt Hackthebox writeup
In this Hackthebox we will go analyze a docker img files and from there will find some juicy stuff will help us login to a vhost “demo” which has some functi...
print nigthmare
Driver Hackthebox writeup
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
scf attacks
Driver Hackthebox writeup
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
evil-winrm
Driver Hackthebox writeup
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
rce
Devzat Hackthebox writeup
In this Hackthebox we will get a user access through a command injection in a vhost , then will make port forwarding to find a service that will give us the ...
API
Secret Hackthebox writeup
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
SUID
Secret Hackthebox writeup
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
core-dump
Secret Hackthebox writeup
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
ipmi
Shibboleth Hackthebox writeup
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
maria-DB
Shibboleth Hackthebox writeup
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
zabbix
Shibboleth Hackthebox writeup
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
SQL injection
SQL Tutor challenge writeup
DCTF 2022 was held from the 15th of April Until the 17th of the month , and we have participated under the team 0xcha0s, we have managed to solve multiple ch...
python
SQL Tutor challenge writeup
DCTF 2022 was held from the 15th of April Until the 17th of the month , and we have participated under the team 0xcha0s, we have managed to solve multiple ch...
wordpress
Backdoor Hackthebox writeup
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
Waste
Backdoor Hackthebox writeup
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
directory Traversal
Backdoor Hackthebox writeup
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
gdb server
Backdoor Hackthebox writeup
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
screen
Backdoor Hackthebox writeup
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
TryHackme
Windows-PrivEsc-Arena TryHackMe writeup
During studying the TCM windows privilege escalation course this is the Lab designed to cover the topics mentioned in the course. it has been a while since i...
windows-privesc
Windows-PrivEsc-Arena TryHackMe writeup
During studying the TCM windows privilege escalation course this is the Lab designed to cover the topics mentioned in the course. it has been a while since i...
html injection
Hacker Ts challenge writeup
Nahamcon ctf 2022 was held from the 28th of April Until the 30th of the month , and we have participated under the team 0xcha0s. this challenge idea was pret...
directory-traversal
Unicode Hackthebox writeup
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
decompile-binary
Unicode Hackthebox writeup
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
IDOR
Kryptos Support challenge Writeup
HTB Cyber Apocalypse CTF 2022 was held from the 14th of May Until the 19th of the month , and we have participated under the team 0xcha0s, we have managed to...
snmp
Pandora Hackthebox writeup
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
Path-Poisoning
Pandora Hackthebox writeup
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
Vulnhub
napping 1.0.1 vulnhub writeup
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
tab-nabbing
napping 1.0.1 vulnhub writeup
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
phishing
napping 1.0.1 vulnhub writeup
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
vim
napping 1.0.1 vulnhub writeup
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
apk
Routerspace Hackthebox writeup
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
adb
Routerspace Hackthebox writeup
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
sudo-exploit
Routerspace Hackthebox writeup
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
ssti
Flushed Emoji challenge Writeup
Lexington Informatics Tournament CTF CTF 2022 was held from the 22nd of July Until the 25th of the month , and we have participated under the team 0xcha0s, w...
Active-directory
Timelapse Hackthebox writeup
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
LAPS
Timelapse Hackthebox writeup
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
pfx
Timelapse Hackthebox writeup
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
git
Open Source HackTheBox Writeup
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
docker
Open Source HackTheBox Writeup
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
CSP
JustCTF Extra Safe Security Layers writeup
This Challenge is about exploiting cross site scripting with a strict CSP in place along with XSS Santizer and other restrictions , the interesting part in t...