INTRODUCTION Greetings! Today, we’re diving into Servmon, a box from HackTheBox. Our journey starts with exploiting a directory traversal flaw in TVT NVMS-1000, enabling us to snatch credentials ...

INTRODUCTION Hey everyone! Welcome to this blog where we’ll explore the Toolbox machine on HackTheBox. Our journey begins with exploiting an SQL injection vulnerability in a web application. Nex...

INTRODUCTION Hello everyone! Driver is an easy Windows machine available on HackTheBox. In this writeup, we’ll delve into a technique called SCF file upload attack on SMB to steal credentials fro...

INTRODUCTION In this journey, we’ll explore Return. We start by messing with a network printer to steal its credentials and sneak into the system. Then, we’ll dive into two ways to get more powe...

INTRODUCTION Welcome to our journey into Timelapse! First up, we’ll explore how WinRM lets us in without needing a password, giving us a basic level of control over the system. Next, we’ll learn...

INTRODUCTION Welcome everyone! Today, we’ll dive into hacking Sandworm, a medium-difficulty Linux box crafted by C4rm3l0 on HackTheBox. Our first step to infiltrate this box is by exploiting a Se...

INTRODUCTION Welcome to the Clicker box, crafted by Nooneye for HackTheBox. Our adventure unfolds with a meticulous examination of an NFS share, unveiling its secrets. Next on our path, we uncove...

Introduction Welcome to the Analytics, a Linux box by 7u9y and TheCyberGeek on HackTheBox. We’ll kick things off with a pre-authentication Remote Code Execution (RCE) exploit in Metabase, enablin...

INTRODUCTION Hello everyone, I trust you’re all doing great. Over the past weekend, my friend samh4cks and I stumbled upon an intriguing XSS vulnerability while participating in a bug bounty prog...

INTRODUCTION Greetings everyone, in this blog, we’ll be diving into MonitorsTwo, a beginner-friendly Linux machine crafted by TheCyberGeek on HackTheBox. Our journey begins by exploiting a vulner...