apache
Hackthebox - Jarvis
· ☕ 11 min read · 👤 Hong
Jarvis is a medium difficulty Linux box running a web server, which has DoS and brute force protection enabled. A page is found to be vulnerable to SQL injection, which requires manual exploitation. This service allows the writing of a shell to the web root for the foothold. The www user is allowed to execute a script as another user, and the script is vulnerable to command injection. On further enumeration, systemctl is found to have the SUID bit set, which is leveraged to gain a root shell.

Hackthebox - Tartarsauce
· ☕ 9 min read · 👤 Hong
TartarSauce is a fairly challenging box that highlights the importance of a broad remote enumeration instead of focusing on obvious but potentially less fruitful attack vectors. It features a quite realistic privilege escalation requiring abuses of the tar command. Attention to detail when reviewing tool output is beneficial when attempting this machine.

Hackthebox - Poison
· ☕ 4 min read · 👤 Hong
Poison is a fairly easy machine which focuses mainly on log poisoning and port forwarding/tunneling. The machine is running FreeBSD which presents a few challenges for novice users as many common binaries from other distros are not available.

Hackthebox - Nineveh
· ☕ 5 min read · 👤 Hong
Nineveh is not overly challenging; however, several exploits must be chained to gain initial access. Several uncommon services are running on the machine, and some research is required to enumerate them.

Hackthebox - Cronos
· ☕ 4 min read · 👤 Hong
CronOS focuses mainly on different vectors for enumeration and also emphasises the risks associated with adding world-writable files to the root crontab. This machine also includes an introductory-level SQL injection vulnerability.

Hackthebox - Beep
· ☕ 7 min read · 👤 Hong
Beep has a very large list of running services, which can make it a bit challenging to find the correct entry method. This machine can be overwhelming for some as there are many potential attack vectors. Luckily, there are several methods available for gaining access.

Hackthebox - Bashed
· ☕ 48 min read · 👤 Hong
Bashed is a fairly easy machine which focuses mainly on fuzzing and locating important files. As basic access to the crontab is restricted.

Hackthebox - Shocker
· ☕ 10 min read · 👤 Hong
Shocker, while fairly simple overall, demonstrates the severity of the renowned Shellshock exploit, which affected millions of public-facing servers.