A useless CyberSec Engineer & Linux/Unix Sysadmin
This is my writeup for the Devvortex machine of hackthebox.com platform. The machine was retired today…so it’s now possible to publish a writeup. Remember this is just how I solved/owned the machine, maybe there are different and fast paths but…
It’s an easy machine and the path to follow is pretty straight forward (too much for HTB?). Remember to add the IP/Host in your /etc/hosts!
Recon First of all I run a classic nmap scan:
This is my writeup for the Oh My Webserver room/machine of the TryHackMe.com platform. Remember this is just how I solved/owned the machine, maybe there are different and fast paths but…
Machine Can you root me?
The machine is rated as a medium machine and if you’re looking for a good machine…go for it. Thanks a lot to tinyb0y for this machine! Thanks a lot also to the great cyberaguiar, he helped me to reach the proper vector (after the first unintended way to exploit the machine)!
This is my writeup for the Plotted-TMS room/machine of the TryHackMe.com platform. Remember this is just how I solved/owned the machine, maybe there are different and fast paths but…
Machine Enumeration is the key
The machine is rated as an easy machine and if you’re looking for an easy machine with a different PE this is for you. Thanks a lot to sa.infinity8888 for this machine!
The techiques used in this machine over a small enumeration:
This is my writeup for the Gallery room/machine of TryHackMe.com platform. Remember this is just how I solved/owned the machine, maybe there are different and fast paths but…
Machine Our gallery is not very well secured.
The machine is rated as an easy machine and if you’re looking for a simple machine to practice/learn…do it. If you’re confortable with THM medium/hard rooms it will be a good exercise!
The techiques used in this machine over a small enumeration:
This is my writeup for the Lumberjack Turtle room/machine of TryHackMe.com platform. Remember this is just how I solved/owned the machine, maybe there are different and fast paths but…
Machine No logs, no crime… so says the lumberjack.
The machine is rated as a medium machine and it’s one of the best way to understand how the famous log4j vulnerability works. If it’s your first time with the log4j vuln I suggest, before starting this machine, to complete the walkthrough room created by John Hammond for TryHackme: Solar, exploiting log4j - Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun.
This is my writeup for the Horizontall machine of hackthebox.com platform. The machine was retired today…so it’s now possible to publish a writeup. Remember this is just how I solved/owned the machine, maybe there are different and fast paths but…
It’s an easy machine and the good/best part is…you’ve to enumerate a “lot” and change the exploit/PoC.
Recon First of all I run a classic nmap scan:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 nmap -sC -sV -p- horizontall.