Close
Menu

Writeup

Noter

Noter – HackTheBox Writeup

, , , , , , , , , , , , 0

Machine Name: Noter
IP: 10.10.11.140
Difficulty: Medium

Summary

Noter is a machine that expects basic enumeration to lead to session cookies, JWT secrets, and credentials to servers. It teaches code review, and identification of code injections. Privilege Escalation was fairly simple as it was achieved with a public exploit that required credentials obtained during enumeration. The exploit allowed command execution as root through MySQL to gain a root shell.

Read More
Late

Late – HackTheBox Writeup

, , , , , , , , , , , , , 0

Machine Name: Late
IP: 10.10.11.156
Difficulty: Easy

Summary

Late has an interesting way of exploiting Server Side Template Injection (SSTI) through image to text conversion. Once an image payload that is recognized well by the application is executed, we obtain a user level shell. To escalate privileges, simple enumeration leads to an interesting file run by root. With some understanding of file attributes, it is easy enough to run code as root to get root privileges.

Read More
Paper

Paper – HackTheBox Writeup

, , , , , , , , , , , , , 0

Machine Name: Paper
IP: 10.10.11.143
Difficulty: Easy

Summary

Paper is a relatively easy box and teaches enumeration and a bit of reading API documentations. It forces the attacker to keep looking for sensitive information that can be utilized to run commands and eventually get a shell. To get a user shell, we find credentials on the system through a chat bot. They can be used for logging in through SSH. Another way was to find a command hidden from the ones listed by the bot by reading the API documentation or finding a scripts directory to run commands as user and get a shell. Escalating privileges as root was simple as it was vulnerable to a popular vulnerability with a simple PoC.

Read More