HackTheBox - Lightweight|htbmachinesretired|linux-writeup-retired-hackthebox-medium-ldap-linux-capabilities-tcpdump-static-analysis-openssl

Summary

Lightweight,a Linux box created by HackTheBox user 0xEA31, was an overall easy-medium difficulty box.It was a fun box that uses Linux capabilities set on tcpdump so we can capture packets on the loopback interface and find credentials in an LDAP session. We then find more credentials in the source code of the web application and finally priv esc to root by abusing a copy of the openssl program that all has Linux caps set on it.

Read more
HackTheBox - Irked|htbmachinesretired|linux-writeup-retired-hackthebox-easy-irc-exploit-steganography-suid-binary

Summary

Irked,a Linux box created by HackTheBox user MrAgent, was an overall easy difficulty box.This box involved around finding an exploit on irc and getting a low-privilege shell, after we have a shell there is a hint on the box which point us toward steganography which give us a password using which we can get user.Root on this box was about finding a SUID set non standard binary which is executing anything in /tmp/listusers.

Read more