// Writeups
19 writeups found
Conversor Writeup β Hack The Box
[USER] I started with a fast nmap scan:
Signed - Hack The Box
[USER] Initial credentials provided:
Imagery β HTB Writeup
[USER] The web runs an Image Gallery application.
Expressway β HTB Writeup
[USER] First shot, as usual: a quick TCP port scan. If you only see one or two ports open, donβt chill yet β a lot of βquietβ boxes say the interesting stuff over UDP.
Hacknet β HTB Writeup
[USER] This writeup covers user access only using a Burp Suite workflow (no curl). Chain: SSTI in username β IDOR on likes β leak email & password β SSH.
Soulmate β Hack The Box
[USER] A new vhost was discovered: ftp.soulmate.htb
Previous - Hack The Box
[USER] Most relevant: - 22/tcp SSH - 80/tcp HTTP (nginx β Next.js app behind it)
Cobblestone - Hack The Box
[USER] Add the Cobblestone domains so the vhosts resolve.
Editor - Hack The Box
[USER] First, add the Editor domains to the hosts file so we can reach the services by name.
Era - Hack The Box
[USER] Add it to the /etc/hosts file:
Mirage - Hack The Box
[USER] Mounting the found NFS share:
Outbound Writeup - Hack The Box
[USER] Port 80 redirected to http://mail.outbound.htb/, so I added this to /etc/hosts: