Open Source HackTheBox Writeup
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
In this Hackthebox we will get a user access through a command injection in a vhost , then will make port forwarding to find a service that will give us the ...
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
In this Hackthebox we will go analyze a docker img files and from there will find some juicy stuff will help us login to a vhost “demo” which has some functi...
we got low-privilege access due to Vulnerable version of strapi CMS then got root access because of the Vulnerable Version of Laravel. main techniques used a...
detailed writeup for retired machine Forge From Hackthebox
In this Writeup you will find walkthrough of the retired machine previse From Hackthebox
This Challenge is about exploiting cross site scripting with a strict CSP in place along with XSS Santizer and other restrictions , the interesting part in t...
This challenge was in Blackhat CTF Qualifications 2022 and we have participated under the team 0xCha0s, we have managed to solve multiple challenges. this ch...
CTF name AWG 2022 challenge kenzy category web ...
Lexington Informatics Tournament CTF CTF 2022 was held from the 22nd of July Until the 25th of the month , and we have participated under the team 0xcha0s, w...
HTB Cyber Apocalypse CTF 2022 was held from the 14th of May Until the 19th of the month , and we have participated under the team 0xcha0s, we have managed to...
Nahamcon ctf 2022 was held from the 28th of April Until the 30th of the month , and we have participated under the team 0xcha0s. this challenge idea was pret...
DCTF 2022 was held from the 15th of April Until the 17th of the month , and we have participated under the team 0xcha0s, we have managed to solve multiple ch...
This challenge was in Blackhat CTF Qualifications 2022 and we have participated under the team 0xCha0s, we have managed to solve multiple challenges. this ch...
Nahamcon ctf 2022 was held from the 28th of April Until the 30th of the month , and we have participated under the team 0xcha0s. this challenge idea was pret...
detailed writeup for retired machine Forge From Hackthebox
In this Hackthebox we will get a user access through a command injection in a vhost , then will make port forwarding to find a service that will give us the ...
we got low-privilege access due to Vulnerable version of strapi CMS then got root access because of the Vulnerable Version of Laravel. main techniques used a...
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
This Challenge is about exploiting cross site scripting with a strict CSP in place along with XSS Santizer and other restrictions , the interesting part in t...
HTB Cyber Apocalypse CTF 2022 was held from the 14th of May Until the 19th of the month , and we have participated under the team 0xcha0s, we have managed to...
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
CTF name AWG 2022 challenge kenzy category web ...
Lexington Informatics Tournament CTF CTF 2022 was held from the 22nd of July Until the 25th of the month , and we have participated under the team 0xcha0s, w...
In this room, we’ll learn how to exploit a common misconfiguration on a widely used automation server(Jenkins - This tool is used to create continuous integr...
In this Writeup you will find walkthrough of the retired machine previse From Hackthebox
In this Writeup you will find walkthrough of the retired machine previse From Hackthebox
we got low-privilege access due to Vulnerable version of strapi CMS then got root access because of the Vulnerable Version of Laravel. main techniques used a...
In this Hackthebox we will go analyze a docker img files and from there will find some juicy stuff will help us login to a vhost “demo” which has some functi...
In this Hackthebox we will go analyze a docker img files and from there will find some juicy stuff will help us login to a vhost “demo” which has some functi...
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
In this Box, we are going to abuse the ability of uploading the firmware of a shared printer and capture the NTLMv2 hash of a user on this machine. By cracki...
In this Hackthebox we will get a user access through a command injection in a vhost , then will make port forwarding to find a service that will give us the ...
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
In this Box we are going to follow documentation instructions to create a new user , will face sensitive data exposure will let us see a delete commit ,this ...
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
In this Box we are going to enumerate a udp port and dump the administrator hash ,then we will crack it , using these credentials we will login to the zabbix...
DCTF 2022 was held from the 15th of April Until the 17th of the month , and we have participated under the team 0xcha0s, we have managed to solve multiple ch...
DCTF 2022 was held from the 15th of April Until the 17th of the month , and we have participated under the team 0xcha0s, we have managed to solve multiple ch...
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /pr...
During studying the TCM windows privilege escalation course this is the Lab designed to cover the topics mentioned in the course. it has been a while since i...
During studying the TCM windows privilege escalation course this is the Lab designed to cover the topics mentioned in the course. it has been a while since i...
Nahamcon ctf 2022 was held from the 28th of April Until the 30th of the month , and we have participated under the team 0xcha0s. this challenge idea was pret...
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode En...
HTB Cyber Apocalypse CTF 2022 was held from the 14th of May Until the 19th of the month , and we have participated under the team 0xcha0s, we have managed to...
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
In This Box we are going to enumerate the snmp port which will show user daniel with his password as a string in the output , we are going to login with ssh ...
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
In This VulnHub Box, we are facing a relatively an interesting vulnerability which is tab-nabbing that will help us phish the admin to get his credentials wh...
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
In this Box we are going to examine an android appliacation (apk) , and monitroing the requests by placing a proxy we will notice a request which we can mani...
Lexington Informatics Tournament CTF CTF 2022 was held from the 22nd of July Until the 25th of the month , and we have participated under the team 0xcha0s, w...
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
In this Box we are against a windows machine has the active directory service installed on it , we can list files on smb shares and access some shared folder...
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
In This Box we are facing interesting Stuff like Docker , git hooks and other stuff. first we got access to a docker in the machine by overwritting the appli...
This Challenge is about exploiting cross site scripting with a strict CSP in place along with XSS Santizer and other restrictions , the interesting part in t...