Overview: Reay is a interesting box that teaches Docker breakout. First off the start with a vulnerable gitlab that has a public exploit, After gotten into the box and realized it was inside a docker container and the container has a vulnerability that allows you to execute command outside the…

Overview: Attended is a one of the craziest hard machine in Hackthebox that includes exploiting a binary file. The foothold is to phishing the email smtp port and take advantage of vulnerable vim version to get code execution, after get into the machine there is another host running port 2222…

Overview: Sharp is a hard windows machine that exploits remoting server and wcf (Windows Communication Foundation), And they must done in a windows environment. There are public exploits (recompiled )out there from 2014, but they require many set up before run the exploits including serialization, after gotten a shell, there…

Overview: Bucket is a fun linux machine exploiting aws bucker server. After fuzz subdomain there is a bucket server running. Use aws CLI commands to find a endpoint and use put-item to upload a reverse shell. PriEsc is also to exploit aws bucket. but its abit hard to do. After…

Overview: Laboratory is an easy and fun machine. It exploits vulnerable gitlab by the buildin function Rails console, this a command line on gitlab to interact with gitlab over commands such as changing user’s password. The foothold is to take advantage of Rails console by changing admin dexter’s password and…

Overview: APT is AN insanely tough windows AD box, this box requires deep knowledge for a windows AD environments. First is to leak the ipv6 address on the server because namp only returned 2 ports which is 80 and 135 on the server, after gotten the ipv6 address there 445port…

Overview: Time is a medium-level machine. First the web server running java scripts that has a vulnerable Jackson library for json deserialization. After got a shell, there is a cronjob that running as root privilege and has write access for the user. …

Overview: Luanne is an great easy BSD machine. First it comes to a vulnerable lua weather script running on the web server that allows code execution and then there is a backend server running that exposed id_rsa file for the user that by having user’s credentials and using curl to…

Overview: This is an OSCP prep box form Vulnhub Created by FalconSpy & InfoSec Prep Discord Server ( https://discord.gg/RRgKaep ), It’s relatively easy but still teach some good stuff for people who begins to prepare OSCP (I was one of them). The image can be found the link below. …