Hack The Box Writeups by Şefik Efe

Would you like to give me stars in Hack The Box? Thanks in advance :)

I'll be posting retired boxes' and some challenges' writeups.

You can search keywords and/or topics between writeups using top left corner search bar.

Index Table

My favourite writeup so far: Breadcrumbs

Writeup	Difficulty	OS	Foothold	Lateral Movement	Privilege Escalation
Backdoor	Easy	Linux	/proc enum using Dir traversal & GDB Server Remote Payload Exec	None	Screen cronjob
Secret	Easy	Linux	JS Code Review & Signing JWT using Bash, OS CMDI, Custom Exploitation	None	C Code Review & Leaking Memory by triggering CoreDumps
Driver	Easy	Windows	Grab NTLMv2 using SMB path in scf files	None	PrintNightmare (CVE-2021-1675)
Horizontall	Easy	Linux	Strapi CMS RCE	None	Sudo Heap Based Bof (sudoedit) & Laravel Exploitation (phpggc)
TheNotebook	Medium	Linux	JWT Auth RS256	Home backup	Docker Escape Overwriting RunC
Armageddon	Easy	Linux	Drupalgeddon2	MySQL	snapd (dirty_sock)
Breadcrumbs	Hard	Windows	LFI & PHP SESSION & Powershell File Upload	SQLite DB	Reversing & SQLi
Atom	Medium	Windows	Signature Validation Bypass in electron-updater	None	PortableKanban & redis
Ophiuchi	Medium	Linux	SnakeYaml Deserialization	None	WebAssembly formats
Spectra	Easy	Linux	WordPress reverse shell	None	initctl with sudo
Tentacle	Hard	Linux	CVE-2020-7247	None	Cronjob abuse & Misconfigured keytab
Tenet	Medium	Linux	PHP Object Injection	None	Race Condition
ScriptKiddie	Easy	Linux	Msfvenom Template Injection	None	msfconsole with sudo