HTB Writeup – Alert
Posted on 2024-11-25
Classic XSS + LFI exploit combination
linux
HTB Writeup – Chemistry
Posted on 2024-10-21
Deserialization for pymatgen & Directory Traversal on aiohttp
HTB Writeup – Yummy
Posted on 2024-10-06
LFI, JWT Forgery, SQLi, Crontab abuse, Mercurial hook, Rsync privesc
HTB Writeup – Trickster
Posted on 2024-09-22
XSS + RCE for PrestaShop & exploit SSTI on ChangeDetection.io
HTB Writeup – Caption
Posted on 2024-09-15
Exploit H2 Database for Java web app & abuse Apache Thrift
HTB Writeup – Sightless
Posted on 2024-09-09
SQLPad RCE vulnerability & Froxlor exploit via Chrome remote debugging
HTB Writeup – MonitorsThree
Posted on 2024-08-25
RCE for CACTI monitor system, Auth bypass for Duplicati backup solution.
HTB Writeup – Lantern
Posted on 2024-08-21
Skipper Proxy SSRF, Blazor traffic exploit, Privesc from process monitor
HTB Writeup – Sea
Posted on 2024-08-11
CVE-2023-41425 for WonderCMS RCE with malicious themes module.