HackTheBox Walkthrough

abstract-globe-geometry

Lame

Ubuntu Hardy

Easy

FTP anonymous

SMB Samba explotation

WALKTHROUGH

Backend

Ubuntu 20.04.2 LTS Focal

Medium

API Explotation (FastAPI-Python), JWToken

Password in auth.log

WALKTHROUGH

Seal

Ubuntu 20.04.2 LTS Focal

Medium

Broken Parser Logic, Tomcat .war deploy RCE

Softlink, Ansible-Playbook, /bin/bash(SUID)

WALKTHROUGH

Cache

Ubuntu 18.04.2 LTS Bionic

Medium

Authentication Bypass, SQLI, RCE

Memcache (port 11211), Docker Abuse (/mnt)

WALKTHROUGH

Tabby

Ubuntu 20.04 LTS Focal

Easy

LFI + Tomcat .war deploy RCE

LXD Abuse (lxc, /mnt)

WALKTHROUGH

GoodGames

Debian 11 (bullseye)

Easy

SQL Injection + Server Side Temp. Inj. + RCE

Docker Breakouts (Docker)

WALKTHROUGH

Validation

Ubuntu1 20.04 Focal

Easy

SQL Injection + PHP Command Injection RCE

Root password in archive config.php (Docker)

WALKTHROUGH

Sau

Ubuntu 20.04.6 LTS Focal

Easy

SSRF on Request-Baskets (CVE-2023-27163)

Sysytemctl misconfig. Broken less View

WALKTHROUGH

Wifinetic

Ubuntu 20.04.6 Focal krnwifinetic

Easy

FTP anonymus y Acceso por SHH

WPA Pin brute force attack with Reaver

WALKTHROUGH

Headless

Debian GNU/Linux 12 (bookworm)

Easy

XSS (http headers) , Command Injection

/bin/bash(SUID)

WALKTHROUGH

Perfection

Ubuntu 22.04.4 LTS Jammy

Easy

Server Side Temple Injection - WEBrick - Ruby

Hashcat Brute Force

WALKTHROUGH

Analytics

Ubuntu 22.04.3 LTS Jammy

Easy

Metabase 0.46.6 - CVE-2023-38646 (RCE)

Linux Kernel OverlayFS CVE-2023-2640 and CVE-2023-32629

WALKTHROUGH

PermX

Ubuntu 0.10 Jammy

Easy

Chamilo - CVE-2023-4220

ACL Abuse in Linux

WALKTHROUGH

Editorial

Ubuntu0.7 Jammy

Easy

Server-Side Request Forgery (SSRF)

Git enumeration, CVE-2022-24439 GitPython 3.1.29

WALKTHROUGH

Networked

CentOS 7

Easy

File upload bypass

Crontab, Command injection, /network-scripts/ in contOS

WALKTHROUGH

Mirai

RaspberryOS Pi-hole

Easy

Deafult Raspberry Pi-hole Credentials

Forency device USB

WALKTHROUGH

OpenAdmin

Linux

Easy

OpenNetAdmin 18.1.1 - RCE

Crack id_rsa hash, Bit suid with nano

WALKTHROUGH

BoardLight

Ubuntu 0.11 Focal

Easy

Dolibarr - CVE-2023-30253

Enlightenment 0.23.1 CVE-2022-37706

WALKTHROUGH

TwoMillion

Ubuntu 22.04 LTS Jammy

Easy

API Enumeration, Command Injection

CVE-2023-0386, Linux Kernel OverlayFS setuid

WALKTHROUGH

Cap

Linux

Easy

Idors

Linux capabilities SUID

WALKTHROUGH