#hackthebox

Articles tagged with #hackthebox

HackTheBox - Snapped Writeup
Difficulty: Medium OS: Linux Tags: nginx-ui CVE-2026-27944 backup-disclosure bcrypt snapd CVE-2026-3888 race-condition suid privilege-escalation Reconnaissance We begin with a standard nmap scan to
Jun 16, 20269 min read3
HackTheBox - Abducted Writeup
Difficulty: Medium Reconnaissance Nmap nmap -sC -sV -A <MACHINE-IP> -oA abducted PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 9.6p1 Ubuntu 3ubuntu13.16 139/tcp open netbios-s
Jun 11, 202610 min read20
HackTheBox - Facts Writeup
Difficulty: Easy OS: Linux Reconnaissance Nmap nmap -sCV -A -p- <MACHINE-IP> PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 9.9p1 Ubuntu 3ubuntu3.2 80/tcp open http nginx 1.26.3 (Ubun
Jun 11, 20265 min read
HackTheBox: SimpleEncryptor challenge Writeup
Challenge Overview Category: Reverse Engineering Difficulty: Easy Target Binary: encrypt (ELF 64-bit LSB pie executable, x86-64, not stripped) Output File: flag.enc (Data file) 1. Initial Analysis
Jun 6, 20264 min read
HackTheBox - TwoMillion: A Complete Walkthrough
Overview TwoMillion is a nostalgic HackTheBox machine themed around the old HTB platform. The attack chain involves reverse-engineering obfuscated JavaScript to discover invite code logic, abusing a b
May 27, 20265 min read6
HackTheBox: DarkZero — MSSQL Trust Abuse to Domain Compromise
A complete walkthrough of HackTheBox DarkZero -- MSSQL trust abuse to full domain compromise. Introduction Active Directory environments are prime targets for attackers, yet they remain complex system
May 27, 20267 min read