HackTheBox Writeup: Pikaboo

In this machine I learned about nginx misconfigurations, LDAP enumeration, log poisoning and perl command injections.

November 17, 2021 · 9 min · Zebra

HackTheBox Writeup: Secret

Simple machine to learn about JWT signing and root privileged core dumps to read file contents.

November 16, 2021 · 7 min · Zebra

HackTheBox Writeup: Static

This machine teaches about recovering gzip files, some basics of OneTimePasswords, exploiting xdebug and path injection.

November 1, 2021 · 8 min · Zebra

HackTheBox Writeup: Devzat

Simple machine with a lot of OSINT and an easy bash command injection.

October 29, 2021 · 9 min · Zebra

HackTheBox Writeup: Bolt

Machine that can be solved with a bit of OSINT.* *It teaches about Chrome extensions PGP keys and Server Side Template Injection.

October 24, 2021 · 9 min · Zebra