Booj thoughts on security

HackTheBox - Jail

Introduction: This box is long! It’s got it all: buffer overflows, a vulnerable software version, NFS exploits and cryptography. This is a difficult box, not in the techniques it has you apply, but rather in the scope of them. There’s a lot covered in this write-up, so in order to keep it relatively concise I’ve included a few links in the refe...

Stack Buffer Overflows: Linux - Chapter 1

Introduction: Buffer overflows are probably my favourite part of the security field. They can range from simple to incomprehensible, offer a wide variety of exploitation techniques and are just kinda fun. Also, they sound way more difficult than they are! Whilst modern OSes have started to introduce memory protections, there are always ways arou...

HackTheBox - Bastard

This post describes multiple attacks upon the Bastard box on hackthebox.eu. I’ve found myself updating and transferring my old blog in some of the dead hours of today and Piers Morgan somehow made it on the Netflix special I was watching with the family. Couldn’t resist a dig! Introduction: Bastard is very much a box about understanding your e...

HackTheBox - Optimum

This post describes multiple attacks upon the Optimum box on hackthebox.eu. Introduction: This is a particularly interesting box. Getting a shell is easy, perhaps one of the easiest on the site, but escalating evades a number of people, despite, in theory, also being very easy. Originally, I cracked this box in a non-intended manner, so there ...

HackTheBox - Joker

This is a re-upload of my writeup at the HackTheBox Forums, with some minor corrections. Enumeration: Starting off as always, we run an nmap scan.

PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.3p1 Ubuntu 1ubuntu0.1 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   2048 88:24:e3:57:10:9f:1b:17:3d:7a:f3:26:3d:b6:33:4e (RSA)...