➜ ~
Playing Hacks and Stuffs!
Project maintained by h4ckyou Hosted on GitHub Pages — Theme by mattgraham
Main
HackTheBox:
The Hack The Box platform provides a wealth of challenges - in the form of virtual machines - simulating real-world security issues and vulnerabilities that are constantly provided and updated by the community. Some of them simulate real-world scenarios, and some lean more towards a CTF style of approach.<hr>
- [[Sep 30 2023]] CozyHosting
Command Injection, Reverse Engineering, Sudo - [[July 18 2023]] Authority
Ansible Vault, PWM, ADCS - [[July 08 2023]] Sau
SSRF, Command Injection, Sudo - [[June 27 2023]] Pilgrimage
GIT, RCE - [[June 9 2023]] Updown
- [[June 9 2023]] Format
Source Code Analysis, File Inclusion, Nginx Misconfiguration, Redis, Python Format String Vulnerability - [[May 19 2023]] Three
Enumeration, AWS, RCE - [[May 19 2023]] Socket
Web Socket, SQLite Injection - [[May 12 2023]] Busqueda
Python Code Injection, Gitea, Source Code Analysis - [[May 09 2023]] OnlyForYou
LFI, Source Code Review, Command Injection, Cypher Injection - [[May 08 2023]] MonitorsTwo
Cacti RCE, SUID, CVE - [[Mar 29 2023]] Flight
- [[Mar 26 2023]] Cerberus
Icinga CVE, Path Transversal, RCE, Pivoting, Windows Joined Domain - [[Mar 12 2023]] Inject
File Upload, Directory Transveral, Spring, Ansible - [[Mar 11 2023]] Updown
Source Code Review, LFI, File Upload Vuln, PHP Dfunc Bypass, Python Code Injection, Sudo - [[Mar 05 2023]] Agile
LFI, IDOR, Sudo Edit - [[Feb 26 2023]] Escape
SMB, MSSQl, Log File Review, Certificate Template Abuse - [[Feb 25 2023]] NodeBlog
NOSQl Injection, XXE, NodeJS Insecure Deserialization, MongoDB - [[Feb 24 2023]] BackDoor
Wordpress, LFI, GdbServer, Screen - [[Feb 24 2023]] Knife
PHP 8.1.0-dev Exploit, Sudo - [[Feb 19 2023]] Bagel
LFI, Reverse Engineering, Json Insecure Deserialization, Dotnet - [[Feb 15 2023]] OpenAdmin
OpenNetAdmin, MYSQL, Port Forwarding, Sudo - [[Feb 12 2023]] Photobomb
Command Injection, Path Hijack - [[Feb 12 2023]] Encoding
LFI, GIT, SSRF, PHP Filter Chain, GIT Indent, Service Abuse - [[Feb 07 2023]] Pandora
SNMP, PandoraFMS, SQli, Suid, Reverse Engineering, Path Hijack - [[Feb 07 2023]] Paper
Wordpress, RocketChat, RCE, Kernel - [[Feb 07 2023]] Trick
Auth Bypass, LFI, SQli, Fail2ban - [[Feb 07 2023]] Timelapse
SMB, Openssl, LAPS - [[Feb 07 2023]] Nest
SMB, Reverse Engineering, Not Completed Yet ............ - [[Feb 03 2023]] Valentine
HeartBleed, Openssl, Tmux - [[Feb 02 2023]] Shocker
Shellshock, Sudo - [[Feb 02 2023]] Miraj
Pi, Sudo - [[Feb 02 2023]] Blocky
Wordpress, Java Reverse Engineering, Sudo - [[Jan 30 2023]] Bank
DNS, File Upload, Suid - [[Jan 30 2023]] Blue
EternalBlue, Msf - [[Jan 29 2023]] Nibbles
NibbleBlog, Sudo - [[Jan 29 2023]] Bashed
Php Bash, Cron - [[Jan 29 2023]] Secnotes
CSRF, Linux Subsystem - [[Jan 25 2023]] Granny
Webdav, Metasploit - [[Jan 25 2023]] Grandpa
Webdav, Metasploit - [[Jan 23 2023]] Armageddon
Drupal, Mysql, Snap - [[Jan 23 2023]] Driver
SCF Attack, Outdated Driver - [[Jan 23 2023]] Stocker
NoSQl Auth Bypass, LFI, Misconfiguration - [[Jan 23 2023]] Investigation
Command Injection, Cron, Outlook, Windows Event Logs, Reverse Engineering - [[Jan 18 2023]] Arctic
ColdFusion, RCE - [[Jan 18 2023]] Optimum
Command Injection - [[Jan 18 2023]] Beep
LFI, Hydra - [[Jan 18 2023]] Devel
File Upload, RCE - [[Jan 18 2023]] Legacy
Metasploit - [[Jan 18 2023]] Lame
Metasploit, Command Injection - [[Jan 18 2023]] ScriptKiddie
Msfvenom, Command Injection, Sudo