Challenge: Brainstorm This is a room that tests on reverse engineering a chat program to exploit a Windows machine. Recon Nmap: ─$ nmap -sC -sV -Pn 10.10.37.33 Starting Nmap 7.93 ( https://nmap...

Challenge: Relevant Recon NMAP I was not able to find any clues from the initial Nmap scans and other tools that I used. So I looked up the official writeup, and the author suggests to run a sca...

Challenge: HackPark In this box, it introduces Hydra, RCE & WinPEAS tools/techniques to exploit a Windows System. Recon NMAP nmap -sC -sV -O -sT 10.10.170.188 Starting Nmap 7.93 ( https://n...

Challenge: Alfred This box is about exploiting Jenkins (misconfiguration). Jenkins is an open source continuous integration/continuous delivery and deployment (CI/CD) automation software DevOps to...

Challenge: Blue There wasn’t a description, so I ran nmap on the IP address that I was given: PORT STATE SERVICE VERSION 135/tcp open msrpc Microsoft Windows RPC 139/tcp ope...

Description This is one of the challenges of the beginner track in HackTheBox. I was given a binary with no source code. This indicated that I would need to use Ghidra to look at the decompiled s...

Description I made a bot to automatically answer all of your questions. nc lac.tf 31180 My approach Again, the source code, its binary, and the Dockerfile were given. Looking at the sour code c...

What happens if a web browser (client) sends a reqeust to a server? Reference What is DNS (Domain Name System)? DNS resolves names domain names to IP addresses St...

Description If I gaslight you enough, you won’t be able to get my flag! :) nc lac.tf 31121 Note: The attached binary is the exact same as the one executing on the remote server. Source code Th...

PWN: bop I didn’t get to solve this by my own but there were many interesting things that I wasn’t aware of that can be used to solve this challenge. However, I wanted to talk about a few things I...