Posts
0xPrashant Blog
Cancel

Hackthebox LoveTok writeup

Preview Image

This Challenge is currently active , You need to complete the challenge first and then try to decrypt the writeup with the help of flag

Hackthebox Laboratory writeup

Preview Image

The journey starts with a new VHOST that i got from the DNS of ssl certificate , Gitlab is hosted on the new vhost.The Current version of the gitlab-ce is vulnerable to LFI and RCE exploiting the R...

Hackthebox Academy writeup

Preview Image

Altering the administrator username by changing the roleid and login as admin on the web , two ways to get user one is admin page revealing a new VHOST which is running on laravel , and the lavare...

Hackthebox Time writeup

Preview Image

There are two features on webiste ONLINE JSON BEAUTIFIER & VALIDATOR the validator feature is vulnerable to a CVE and after searching about it bit more got initial shell as user , Privlege esca...

HackTheBox was vulnerable to reverse tabnapping

Preview Image

There was a reverse tabnapping in hackthebox in the walkthrough section due to the html link opener using target=”_blank” without any rel=”noopener nofollow” , that results redireting the victim u...

Hackthebox Buff writeup

Preview Image

This is relatively an easy box which is based on the 2 CVE’S , The PHP webapp that is hosted on port 8080 is vulnerable to a Unauthenticated Remote Code Execution from that exploit got first initia...

Hackthebox Sneakymailer writeup

Preview Image

Nmap exposing a new domain , Grabbing employees emails from a webpage . Using swaks to send Spoofed email to all the 57 emails to phish an employee . Got a Username and password , Login into the im...

Hackthebox Tabby writeup

Preview Image

Discvering a new domain and adding it to the hosts file , Identifying a Local-file-Inclusion and extracting sensitive information . Fuzzing some dirs and got the tomcat-users.xml which contain user...

Hackthebox Fuse writeup

Preview Image

Got few usernames from the files from the website itself and making a custom wordlist from the website itself using cewl . Password Sparying using metasploit on the smb protocol , Got the correct u...

Fortress Akerva writeup

Preview Image

The Fortress is currently active , Better you just own it first and then enter the last flag to decrypt the writeup.If you completed the fortress then you can simply enter the last flag of the Aker...