HackTheBox.

The Hack The Box platform provides a wealth of challenges - in the form of virtual machines - simulating real-world security issues and vulnerabilities that are constantly provided and updated by the community. Some of them simulate real-world scenarios, and some lean more towards a CTF style of approach.<hr>

[[Aug. 7 2023]] irked Enumeration, IRCD, Steganography
[[Aug. 10 2023]] Templated Flask, SSTI, RCE
[[Aug. 10 2023]] Phonebook LDAP, Bruteforcing
[[Aug. 11 2023]] Bounty Hunter XXE injection, Python Privilege Escalation
[[Aug. 11 2023]] Valentine CVE-2014-0160, SSH, Tmux Priv_Esc
[[Aug. 12 2023]] Precious exiftool, ruby, Insecure Deserialization
[[Aug. 15 2023]] Cap pcap file, FTP, SSH, Capabilities
[[Aug. 15 2023]] Knife PHP 8.1.0-dev, RCE, GTFOBINS
[[Aug. 18 2023]] Antique JetDirect Password Disclosure, Pivoting, Root-File Read
[[Sep. 14 2023]] Broker ActiveMQ RCE(CVE-2023-46604), Nginx file read

sec👨‍💻fortress:~#

Defensive By Offensive!.

Root

HackTheBox: