Booj thoughts on security

HackTheBox - Bastard

This post describes multiple attacks upon the Bastard box on hackthebox.eu. I’ve found myself updating and transferring my old blog in some of the dead hours of today and Piers Morgan somehow made it on the Netflix special I was watching with the family. Couldn’t resist a dig! Introduction Bastard is very much a box about understanding your e... Read more

HackTheBox - Optimum

This post describes multiple attacks upon the Optimum box on hackthebox.eu. Introduction This is a particularly interesting box. Getting a shell is easy, perhaps one of the easiest on the site, but escalating evades a number of people, despite, in theory, also being very easy. Originally, I cracked this box in a non-intended manner, so there ... Read more

HackTheBox - Joker

This is a re-upload of my writeup at the HackTheBox Forums, with some minor corrections. Enumeration Starting off as always, we run an nmap scan. PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.3p1 Ubuntu 1ubuntu0.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 88:24:e3:57:10:9f:1b:17:3d:7a:f3:26:3d:b6:33:4e (RSA)... Read more

Privilege Escalation via lxd

LXD is Ubuntu’s container manager utilising linux containers. It could be considered to act in the same sphere as docker, The lxd group should be considered harmful in the same way the docker group is. Under no circumstances should a user in a local container be given access to the lxd group. This is because it’s entirely trivial to exploit.... Read more

HackTheBox - Lame

This writeup details attacking the machine Lame (10.10.10.3) on HackTheBox. Enumeration First things first, as with any machine, we want to nmap scan it to see what ports are open. root@kali:~/reboare.github.io/_posts# nmap -p- 10.10.10.3 -T4 Nmap scan report for 10.10.10.3 Host is up (0.062s latency). Not shown: 65530 filtered ports PORT ... Read more