Enumeration As always, we start by scanning the target machine’s open ports: rustscan --ulimit 5000 10.129.225.172 -- sV -sC -oN nmap_scan PORT STATE SERVICE REASON VERSION PORT STATE SERV...
Hack The Box Writeup - Forge
Enumeration As always, we start by scanning the target machine’s open ports: rustscan --ulimit 5000 10.129.224.118 -- sV -sC -oN nmap_scan PORT STATE SERVICE REASON VERSION 22/tcp open ssh ...
Hack The Box Writeup - Explore
Enumeration First, we start by scanning the target machine’s open ports. As I’ve never done a pentest for an Android system, we might have to spend some extra time on the enumeration. rustscan --...
Hack The Box Writeup - BountyHunter
BountyHunter is an easy Linux box. To get initial access to the system, the BountyHunter Bug Report form has to be exploited. It is vulnerable to XXE, thus allowing us to include arbitrary files of...
Hack The Box Writeup - Cap
Cap is an easy Linux box. By exploiting a IDOR in the web application, we got access to a PCAP file, which contained credentials for FTP. Re-using these credentials for the SSH login gave us initia...
Hack The Box Writeup - Academy
Academy is an easy Linux box. First, a web vulnerability in the registration form had to be exploited in order to get access to the website as an admin. Once we had access, the admin page revealed ...
Hack The Box Writeup - Doctor
Enumeration rustscan --ulimit 5000 10.129.2.21 -- -sV -o port_scan PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux; protocol 2.0) 8...
Hack The Box Writeup - Bank
Bank is an easy Linux box. First, we had to exploit a vulnerable file upload that still contained debug comments in the source. This allowed us to get initial shell access to the system. To get roo...
Research Project - Securing the In-Vehicle CAN Bus
An increasing number of external interfaces allows adversaries to virtually break into modern road vehicles. For this reason, researchers came up with multiple security frameworks for in-vehicle ne...