Skip to main content
Rekkodo Tech
  1. Tags/

HTB

Screenshots of Congo on an iPhone, iPad and MacBook

A collection of write-ups and walkthroughs of my adventures through HackTheBox.

HackTheBox Delivery

·6 mins
Delivery is an easy machine from HackTheBox it starts with tree open ports SSH on 22, HTTP on 80 and unknown service on 8065 that later on discovered to be mattermost that require @delivery.

HackTheBox Ready

·4 mins
Ready from HackTheBox was a medium machine, it starts with two open ports SSH on 22 and HTTP on 5080 that hosts a gitlab instance, after creating an account we find the gitlab version that is vulnerable to RCE and from there we get shell on the box, after some enumeration we recognize that we are inside a docker container, we escape the restriction of docker to the real system, for me the docker part was interesting since container technology is growing rapidly and learning about it is vital in real pentest.

HackTheBox Passage

·3 mins
Passage from HackTheBox is medium, fun but straightforward machine, it starts with two open ports SSH on 22 and HTTP on 80, we find CuteNews (which is a free, powerful and easy-to-use news management system based on flat files as a storage with quick installation, search function) it has an upload vulnerability that gives us a shell on the box and from there we hunt for some credentials for user paul who shares private ssh key with the user nadav, finaly we find vulnerable version of the program USBCreator installed that we use it for privilege escalation to root

HackTheBox Academy

·3 mins
Academy from HackTheBox was relatively an easy and straightforward machine, it starts with two open ports SSH on 22 and HTTP on 80 we find an app we abuse the registration system to gain admin access to it then we discover subdomain which is a development server full of information, from there we get a shell on the box, after that we find many users and some credentials around, we try to escalate till we get access to user mrb3n who can use sudo on composer that will give us root access.