HTB Writeup – Yummy
Posted on 2024-10-06
LFI, JWT Forgery, SQLi, Crontab abuse, Mercurial hook, Rsync privesc
RCE
HTB Writeup – Trickster
Posted on 2024-09-22
XSS + RCE for PrestaShop & exploit SSTI on ChangeDetection.io
HTB Writeup – Caption
Posted on 2024-09-15
Exploit H2 Database for Java web app & abuse Apache Thrift
HTB Writeup – Sightless
Posted on 2024-09-09
SQLPad RCE vulnerability & Froxlor exploit via Chrome remote debugging
HTB Writeup – MonitorsThree
Posted on 2024-08-25
RCE for CACTI monitor system, Auth bypass for Duplicati backup solution.
HTB Writeup – Lantern
Posted on 2024-08-21
Skipper Proxy SSRF, Blazor traffic exploit, Privesc from process monitor
HTB Writeup – Sea
Posted on 2024-08-11
CVE-2023-41425 for WonderCMS RCE with malicious themes module.
HTB Writeup – Compiled
Posted on 2024-07-29
CVE-2024-32002 for Git RCE, CVE-2024-20656 for Visual Studio PE
HTB Writeup – Greenhorn
Posted on 2024-07-21
Pluck CMS RCE, and fun Depix to reveal pixelized passwords.