#HackTheBox | Writeup

HackThebox - Sizzle

Sizzle is an ADCS box where we will explore how to make a "scf file" attack, generate a certificate via certsrv, bypass CLM & AppLocker, Kerberoasting + DCSync

Posted on Thu, Apr 14, 2022 Writeup HackTheBox ADCS SCF CLM AppLocker Kerberoasting Active Directory

HackTheBox - Shibboleth

Shibboleth is a very realistic box simulating several services used in companies such as ZABBIX, BMC, IPMI, ... and a CVE present on mariaDB

Posted on Sat, Apr 2, 2022 Writeup HackTheBox IPMI Zabbix CVE-2021-27928

HackTheBox - Monitors

Monitors is a hard box on which we will browse several web operations like LFI, SQLI and Java Deserialization but also break a container via a sys_module cap on linux.

Posted on Sat, Oct 9, 2021 Writeup HackTheBox Web SQLI LFI Container Breakout LKM Java Deserialization

HackTheBox -Reel2

Reel2 is a windows box, we will see how to do password spraying on an OWA, a simple but effective phishing technique, Bypass JEA, and to abuse a LFI in a JEA function

Posted on Sat, Mar 13, 2021 HackTheBox Writeup Password Spraying Phishing Bypass JEA APK