Anonymous access to ftp protocol and found that there exist a interesting file , Directory traversal on the nvms-1000 and grabbing that files and login in as a regular user ,Exploiting Nsclient th...

Finding a new subdomain and a tricky lfi using php Wrapper and getting a users creds , Abusing a suid that is somehow linked to another file . Got user and analyzing a python script and getting pas...

This Box is currently in hackthbox active category , You can access the writeup only if you have the Administrator user ntlm in md5 format. For More information Go to http://0xprashant.github.io/p...

Identifying the RFI and exploiting it by executing our script using smb service and getting credentials of chris,Running command as chris and getting a Shell as chris.Best part of the machine to cr...

Mounting the NFS and got a sfd file which contains a hash and cracking it with john and logged in to umbraco and after searching an exploit for it got a RCE and shell as user , abusing service uSoS...

This Box is currently in hackthbox active category , You can access the writeup only if you have the root flag of the machine.I cant reveal the box information due to hackthebox rules.Thanks

This is relatively an insane box , It revolves around the Oauth2 as feom which we get account linked to qtc (admin) using a SSRF and then a xss in which just gave we have to steal cookies of the us...

This box is currently active,So in order to read its writeup you should have the root hash Goto the following url to access the Writeup http://0xprashant.github.io/private/root.txt

Got usernames from the about page , performing a asreproast attack using GetNPusers.py and then cracking the hash with john , after login running winpeas and found autologon creds of svc_loanmgr , ...

This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shado...