Posts
0xPrashant
Cancel

HackTheBox was vulnerable to reverse tabnapping

There was a reverse tabnapping in hackthebox in the walkthrough section due to the html link opener using target="_blank" without any rel="noopener nofollow" , that results redireting the victim user to a new phishing page.

Hackthebox Buff writeup

This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file.And enjoy the writeup.

Hackthebox Sneakymailer writeup

This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file.And enjoy the writeup.

Hackthebox Tabby writeup

This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file.And enjoy the writeup.

Hackthebox Fuse writeup

This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file.And enjoy the writeup.

Fortress Akerva writeup

The Fortress is currently active , Better you just own it first and then enter the last flag to decrypt the writeup.If you completed the fortress then you can simply enter the last flag of the Akerva fortress , Thanks for visiting

Hackthebox Blackfield writeup

Getting TGT using secretdump for usernames got from smb dirs and using rpcclient to chnage the user password , got a zip file that was a memory dump and getting NTLM hash of user lsass mimikatz ad then admin is around dumping the ntds.dit file.

Hackthebox Blunder writeup

This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file.And enjoy the writeup.

Hackthebox Travel writeup

Dumping the .git dir and bypassing the ssrf along with chaining it with the php-deserialization and php-memcache to get a rce then doing some ldapmodify to modify some users entries to get the shell as root........

Hackthebox Cache writeup

This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file.And enjoy the writeup.

© 2020 Prashant Saini. All rights reserved.