HTB Writeup – MonitorsThree

Posted on 2024-08-25

RCE for CACTI monitor system, Auth bypass for Duplicati backup solution.

HTB Writeup – Lantern

Posted on 2024-08-21

Skipper Proxy SSRF, Blazor traffic exploit, Privesc from process monitor

HTB Writeup – Sea

Posted on 2024-08-11

CVE-2023-41425 for WonderCMS RCE with malicious themes module.

HTB Writeup – Resource

Posted on 2024-08-05

Active Directory in Linux? Abuse SSH CA signing

HTB Writeup – Greenhorn

Posted on 2024-07-21

Pluck CMS RCE, and fun Depix to reveal pixelized passwords.

HTB Writeup – PermX

Posted on 2024-07-07

CVE-2023-4220 for Chamilo LMS and Symlink Attack for Linux

HTB Writeup – Skyfall

Posted on 2024-07-04

Cloud hacking: MinIO, Vault, Symlink Race, Linux MOTD Hijack

HTB Writeup – Corporate

Posted on 2024-06-18

The most insane Linux box on HTB.

HTB Writeup – Editorial

Posted on 2024-06-16

Season V, Linux, Easy, Git, CVE-2022-24439, SSRF

HTB Writeup – Blurry

Posted on 2024-06-09

USER Nmap does not give us much information but a domain: Then I went for subdomain enumeration to dig out more useful information using ffuf: We have 3 subdomain entries: The &