Checker
For the footpath, it is very interesting to use LFI to get the 2FA code. For the root, I am not talented in reverse engineering and binary vulnerable, so please check it from others.
HackTheBox - Machines
Comprehensive writeups for HackTheBox machines across Easy, Medium, Hard, and Insane difficulties
Total 132 reports , currently page 4 of 14 (10 per page)
💡 Ctrl + K to quickly focus search box
Eureka
Although the difficulty of this machine is set to hard, I don’t think it is hard at all. All the vulnerabilities and exploits are very clear and simple, without any complicated or difficult visual obs...
Haze
1, port scan ``` PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 88/tcp open kerberos-sec Microsoft Windows Kerb...
Intentions
1,Recon port scan ``` PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: |...
Lantern
1, enumerate ports and services 22/tcp ssh 80/tcp http Skipper Proxy 3000/tcp ppp
Mirage
As expected of another legendary AD domain machine by the author of Dark Corp, it is very challenging and crazy. Although it is rated as hard difficulty, I think it can be considered insane, especiall...
Resource
1, enumerate the ports and services 22/tcp ssh 80/tcp http 2222/tcp ssh(in this place, it would be wired)
RustyKey
It is very suitable as a hard machine.
Scepter
This machine mainly exploits the abuse of the certificate authentication part, especially the exploit of ESC 14. It is an AD domain machine that is worth studying and reviewing repeatedly.
Vintage
1,Recon It is given that ``` Machine Information
Jump to