Luke, a FreeBSD box created by HackTheBox user H4d3s, was an overall simple medium-difficulty box. Rooting this host is mostly a matter of taking advantage of its sensitive information disclosure, its password reuse, and its over-zealous privileges that are available from the web host. This was the first box where I had rooted the box before getting user.
Lightweight,a Linux box created by HackTheBox user thek, was an overall easy difficulty box.the login shell was changed to psysh so I couldn’t use the vsftpd exploit to get a full shell on the box. LaCasaDePapel has some typical HTB elements: scavenger hunt for SSH keys, base64 encoding and a cronjob running as root for final priv esc.
Onetwoseven,a Linux box created by HackTheBox user jkr, was an overall hard difficulty box.I really enjoy this box.The foothold for this Linux box craftily utilizes symbolic links and port forwarding through sftp to gain access to the admin interface. This ultimately leads to RCE and a shell after some addon-based web exploitation. For escalating to the root user, we take advantage of the available apt sudo commands while performing a man-in-the-middle package injection via http-proxy.
Chaos,a Linux box created by HackTheBox user felamos, was an overall simple medium-difficulty box.This box surrounded around credentials reuse and had a little exploitation.It taught me how to use openssl to connect to a mail server and read mails without any mail client.It also taught me little about working with Latex.Root in this box was pretty simple you just had to find and extract the password from Firefox saved password
Lightweight,a Linux box created by HackTheBox user 0xEA31, was an overall easy-medium difficulty box.It was a fun box that uses Linux capabilities set on tcpdump so we can capture packets on the loopback interface and find credentials in an LDAP session. We then find more credentials in the source code of the web application and finally priv esc to root by abusing a copy of the openssl program that all has Linux caps set on it.