Category: How To’s
The difficulty presented by HTB machines can be challenging, frustrating, and rewarding. I think the machine TraceBack provides a perfect balance of all 3 of those qualities into a very fun experience.
The challenge given by Remote will have you breaking into the Umbraco CMS system on multiple levels.
It felt good to spend a day roasting in the Sauna while sharpening the Windows attack skills.
Overall this was a great host for emulating what is commonly seen on real world windows networks in many companies today.
Overall a very straight forward challenge, and a great target to practice the entire attackers methodology.
Walkthru for Postman This is a detailed walk-thru for Postman.htb, written by dR1PPy. A Good Challenge is Presented by Postman, and learning how to attack ReDis Services. Much thanks to TheCyberGeek Enumeration Attacking Redis Server We find the Redis service running on port 6379 We find a working exploit and a few tools to execute…
Walkthru for Traverxec This is a detailed walk-thru for Traverxec, written by dR1PPy. The challenge provided by Traverxec covers a good range exploits chained with bad system administration. In other words it provides a pretty good real world experience. Much thanks to jkr for the challenge. Enumeration We start with our standard NMAP scan and…
Duplex Proxy Setup Below you will find instructions on how to setup a duplex proxy setup. Once you complete the walk-thru you will find it is very easy to add multiple proxies to your chain using the same technique shown here. Here is a quick overview of the setup, we will be chaining both proxy…
Walkthru for JSON.htb This is a detailed walk-thru for JSON.htb written by dR1PPy JSON was a very fun machine for attacking vulnerable serialization services. This challenge has a very real world feel and was a great overall experience. Much thanks to Cyb3rb0b for putting this challenge together, also for the clever nameplay based on the…
Walk-Thru for Craft.HTB This is a detailed walk-thru for craft.htb written by dR1PPy Overall the host has been graded with a fair rating. The path to user is not simple, but there are not a lot of rabbit holes to find yourself trapped in. The path to root was fairly easy if you can…