Search

Hackthebot 1 & 2 are web challenges from pwnme CTF

mmapro is a pwn challenge from LA CTF 2025, I haven't solved it but I got some reasonable crashes, so let's analyze my crashes and turn it into a code...

XSS Finder Tools is a pwn challenge from 1337 UP live CTF

RedCross is a medium hackthebox machine that involves a huge path to get user, so let's jump straight into the writeup

LaCasaDePapel is an easy hackthebox machine that involves chaning vstfpd backdoor to read a private key file and generate a new ssl cert to exploit a LFI, for root we...

Bastion is an easy hackthebox machine that involves a READ/WRITE share over smb to get a vhd backup file, then we can use secretdump.py to get user hash & password,...

Access is an easy hackthebox machine that involves anonymous ftp login to download files and there are some creds outlook file, we can use that to get shell via telnet....

Frienzone is an easy hackthebox machine that involves a bunch of rabbit holes. We need to chain lfi and writable smb share to get RCE, ann for root the os.py...

Forest is an easy machine from HackTheBox which involves a couple of AD attacks

Squashed is an easy hackthebox machine that was created by polarbearer & C4rm3l0 which involves a writeable share to upload a php shell on the webapp, for root we will...

Silo is Medium machine in HackTheBox which involves oracle db default creds bruteforce for initial foothold and we can root this box in multiple ways

BountyHunter is an easy machine from HackTheBox, which involves XXE for the foothold to read local files. Then we will use it to get the creds stored in `db.php` and...

GoodGames is an easy hackthebox machine that created by TheCyberGeek, which involves sqli in a login page to get a easily crackable hash, After logging in as admin we can...

Remote is an easy machine from hackthebox that involves xslt injection in umbraco cms to get initialfoothold, and SeImpersonatePrivilege for the root

Write up for the machine "Active" from HackTheBox

This is a hackthebox starting point machine that deals with SMB, MSSQL protocols

Write up for the challenge "Bellcode" from Imaginary CTF

Write up for the challenge "pyprision" from Imaginary CTF

Write up for the machine "Valentine" from HackTheBox

Write up for the challenge "HTB Console" from HackTheBox

Write up for the challenge "REG" from HackTheBox

Write up for the challenge "Optimistic" from HackTheBox

Write up for the challenge "Bat Computer" from HackTheBox

Write up for the challenge "Jeeves" from HackTheBox

Write up for the machine "nibbles" from HackTheBox

Write up for the machine "Bashed" from HackTheBox

Write up for the challenge "Easy Register" from 1337UP CTF

This blog post covers and helps you to create your Vulnerable VM

We're going to create a build script to automate the creation of the Vulnerable VM

Here we're going to see how to install vagrant in Windows operating system

Write up for the machine "Pandora" from HackTheBox

Cap is an easy machine in HTB that involves idor to dowload a pcap, you can find ssh creds there, then we need to use python cap_setuid to priv esc...