NanoCorp
Overall, it's a very simple machine; both the starting point and the privilege escalation seem to be the expected steps.
HackTheBox - Machines
Comprehensive writeups for HackTheBox machines across Easy, Medium, Hard, and Insane difficulties
Total 187 reports , currently page 3 of 19 (10 per page)
💡 Ctrl + K to quickly focus search box
Breach
Breach (medium, Windows): guest SMB write access is used to capture NTLMv2 hashes and obtain a low-privileged domain account. A kerberoastable svc_mssql service account is discovered and cracked; with...
Giveback
Overall, it's a very classic WordPress to Kubernetes migration machine. While it has some hard-coded elements and a CTF-like design.
Dump
By exploiting the website's PCAP upload/packaging function, malicious wildcards were injected into the zip command to achieve RCE and obtain a shell; the password from the database was used to move to...
Redelegate
On Redelegate, the attacker first downloaded the KeePass database via anonymous FTP and used the credentials to log into the local MSSQL database. They then performed enumeration and password spraying...
Store
The system exploits directory traversal through Express file storage to leak files encrypted with weak XOR (9 bytes), decrypts them to obtain SFTP credentials, accesses the host via SFTP, obtains an i...
Ten
Ten is a misconfigured shared-hosting box: register for FTP, abuse weak MySQL/FTP integration to pivot to a local user, then poison the etcd-driven Apache config reload to gain root.
Conversor
In general, it is a very CTF machine, mainly examining code review and the use of Xtensible Stylesheet Language Transformations.
Sendai
Sendai is a medium-difficulty AD box: anonymous SMB and RID brute force reveal expired/weak accounts; resetting thomas.powell yields a domain foothold. BloodHound shows abuse paths to the MGTSVC$ GMSA...
Hercules
It is a very complex and lengthy AD domain mixed web abnormal level machine, and it can even be said that the utilization path is more abnormal than DarkCorp.
Jump to