Era
For the footpath part, I think it is interesting that the ssh2exec exploit was hard to think of at first, but after code review, I could see this weakness. For the root part, the only coincidence is t...
HackTheBox - Machines
Comprehensive writeups for HackTheBox machines across Easy, Medium, Hard, and Insane difficulties
Total 132 reports , currently page 2 of 14 (10 per page)
💡 Ctrl + K to quickly focus search box
EvilCUPS
EvilCUPS is all about the recent CUPS exploits that have made a lot of news in September 2024.
Heal
1,Recon port scan ``` PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.9p1 Ubuntu 3ubuntu0.10 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: ...
Instant
1,Recon port scan 22/tcp ssh 80/tcp http Apache httpd 2.4.58 There is a `http://instant.htb/downloads/instant.apk` for us to download this app.
Monitored
1,Recon Port scan ``` PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.4p1 Debian 5+deb11u3 (protocol 2.0) | ssh-hostkey: | 3072 6...
MonitorsThree
*1, Enumerate the port and services* ``` 22/tcp ssh 80/tcp http redirect to http://monitorsthree.htb/ ```
Puppy
A very good Active Directory machine, with a difficulty similar to that of the OSCP exam, which mainly requires continuous enumeration and continuous information collection at the current stage.
Strutted
For the foothold, there is no way to directly use the exploit script to get the hot verse shell, and there are also rabbit holes for upload and upload, which is somewhat confusing.
TheFrizz
1, Recon port scan ``` PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH for_Windows_9.5 (protocol 2.0) 53/tcp open domain ...
TombWatcher
The Active Directory machine is not difficult, but the process is relatively long. It is suitable for beginners of AD environment to practice.
Jump to