Ivan’s blog

Pentester, working in Red Team

  • Protected: HackTheBox – Backdoor

    Protected: HackTheBox – Backdoor

    There is no excerpt because this is a protected post.

  • Protected: HackTheBox – Secret

    Protected: HackTheBox – Secret

    There is no excerpt because this is a protected post.

  • HackTheBox – Drivers

    HackTheBox – Drivers

    Hello ! This time I’m gonna show you my write up of Driver. This boot2root challenge from HackTheBox was a great journey, the first part included the explotation of a user side attack, through a well known Windows feature and the second part was useful to understand a critical vulnerability that appeared some months ago in the Windows Spooler service.

  • HackTheBox – Forge

    HackTheBox – Forge

    Welcome to another HackTheBox blog entry, this time I’m gonna show the steps to resolve the Forge challenge, categorized as medium level of difficulty. The user is solved chaining vulnerabilities in the web server, then the privilege escalation involves a Python functionality which is executed as root with SUDO.

  • HackTheBox – Horizontall

    HackTheBox – Horizontall

    Hi ! Welcome to another write-up of another HackTheBox boot2root challenge. This one was a easy one based mainly in the exploitation of common vulnerabilities and some web and local enumeration.

  • HackTheBox – Previse

    HackTheBox – Previse

    Hey ! Welcome to another HackTheBox post, this time I’m gonna show you how to solve the new HTB machine named ‘Previse’. This machine was categorised as easy with good accuracy, it’s not so difficult to find the path to own the machine. The user is achieved by the abuse of one of the OWASP top vulnerabilities and the privilege escalation is based on a insecure path reference in the configuration.

  • HackTheBox – Schooled

    HackTheBox – Schooled

    Welcome to another HackTheBox write-up, this time I will explain the procedure to solve a medium machine named ‘Schooled’. The name is pretty appropriate because the initial entry point comes from a vulnerable Moodle web site. Once gained access to the internal server, the first privilege escalation to the user is achieved by the cracking of an insecure password hash. Finally, the privilege escalation to ‘root’ is based in insecure permissions configured in the server that allows the user to execute a GTFObin with SUDO.

  • HackTheBox – BountyHunter

    HackTheBox – BountyHunter

    Welcome to another post with the write-up of the HackTheBox machine “BugHunter”. This machine was interesting because the initial access requires te exploitation of a common web vulnerability and the privilege escalation phase involved the analysis of a vulnerable python code.

  • HackTheBox – Love

    HackTheBox – Love

    Welcome to another post with the write-up of the HackTheBox machine “Love”. This was a great challenge because it involved the exploitation of common web vulnerabilities.

  • HackTheBox – Cap

    HackTheBox – Cap

    Hello ! This time I will show you how the ‘Cap’ challenge is solved. This boot2root CTF has been retired from HackTheBox platform so I can disclose the solution. This machine was categorized as Easy and I totally agree with this level of difficulty because it is not required a lot of hacking knowledge to achieve this challenge, only some skills in network analysis to get user and a little enumeration in the privilege escalation.

  • HackTheBox – Knife

    HackTheBox – Knife

    Welcome to my first hackthebox write-up, in this first blog entry I’m gonna show you the steps to resolve this easy machine from this amazing platform. Knife is a good example of easy machine for those who are taking their first experience with the boot2root challenges because it involves a lot of enumeration (the vulnerability is not being shown in front of your eyes when you starts the enumeration phase) and the privilege escalation phase is a common way to escalate in these challenges.

Published posts: