
HackTheBox - Bashed
Overview This machine begins w/ a web directory enumeration, finding a /dev directory containing a file phpbash.php that has code execution functionality, allowing us to obtain a low-priv...
Overview This machine begins w/ a web directory enumeration, finding a cgi-bin/ directory, and by further enumerating the found directory (cgi-bin/), a bash script is found, allowing us to use an e...
Overview This is the second machine from TJNull’s OSCP List for HackTheBox. This machine begins w/ us enumerating several subdomains via NMAP’s HTTPS script, followed by a WordPress plugin ...
Overview After the evil-twin project, I continued to root machines on HackTheBox/VulnHub and left my Raspberry Pi to collect dust. Recently I randomly thought of my Raspberry Pi and wanted to put m...
Overview This machine begins w/ DNS enumeration, revealing a subdomain preprod-payroll.trick.htb that is running a recruitment management system via nginx. The recruitment management system is suscept...
Overview This machine is hosting a webpage that allows users to test a file upload web application and download its source code. However, the source code is archived together with a directory .git, ...
Overview This machine begins w/ a WordPress 5.2.3 exploit, allowing us to view private posts w/o being authenticated, revealing a subdomain chat.office.paper. A chatbot is running on chat.office.pa...
Recon NMAP Complete Scan # Nmap 7.92 scan initiated Fri Feb 11 18:02:47 2022 as: nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN /root/vulnHub/Digitalworld.local-JOY/192.1...
Overview This machine begins w/ a web application (Flyspray 1.0) that is susceptible to XSS + CSRF on its post comments, which will create an admin account for the attacker when the admin visits the pos...