Tag

hackthebox

CTF Walkthroughs, Hack The Box

Hack The Box – Fuse Walkthrough

Introduction

This was an intermediate Windows machine that involved crawling a username and password from a web application to access RPC, through which a password stored in a printer’s description can be found in order to obtain remote access to the box, and exploiting a known vulnerability with the SeLoadDriverPrivilege permission to escalate privileges to SYSTEM.

Read more
CTF Walkthroughs, Hack The Box

Hack The Box – CronOS Walkthrough

Introduction

This was an intermediate Linux machine that involved exploiting an SQL injection vulnerability to gain access to a traceroute page affected by a remote command vulnerability in order to obtain a reverse shell, and exploiting a PHP function used in a cron hob to gain root-level code execution and therefore a root shell.

Read more