Ellignson,a Linux box created by HackTheBox user Ic3M4n, was an overall medium to hard difficulty box.The Initial foothold was getting werzeug debugger and get a low privilege user then get the user by cracking the password for the user from shadow.bak. Root on this box a binary exploitation to get a shell as root, which was hard for me but was really fun.
Bitlab,a Linux box created by HackTheBox user Frey and thek, was an overall easy medium difficulty box. The initial foothold was about finding the cred and the profile and this get you RCE and a low-privilege shell.I did the unintended way and got root from www-data.
Luke, a FreeBSD box created by HackTheBox user H4d3s, was an overall simple medium-difficulty box. Rooting this host is mostly a matter of taking advantage of its sensitive information disclosure, its password reuse, and its over-zealous privileges that are available from the web host. This was the first box where I had rooted the box before getting user.
Lightweight,a Linux box created by HackTheBox user thek, was an overall easy difficulty box.the login shell was changed to psysh so I couldn’t use the vsftpd exploit to get a full shell on the box. LaCasaDePapel has some typical HTB elements: scavenger hunt for SSH keys, base64 encoding and a cronjob running as root for final priv esc.
Onetwoseven,a Linux box created by HackTheBox user jkr, was an overall hard difficulty box.I really enjoy this box.The foothold for this Linux box craftily utilizes symbolic links and port forwarding through sftp to gain access to the admin interface. This ultimately leads to RCE and a shell after some addon-based web exploitation. For escalating to the root user, we take advantage of the available apt sudo commands while performing a man-in-the-middle package injection via http-proxy.