Canape hackthebox Writeup

Hey pentesters! In this post blog post, I am gonna walk you through canape that is a medium linux machine from hackthebox. Summary The initial foothold on the box is based on python pickle injection that leads to remote code execution. Privilege escalation to user exploits a vulnerability in couchdb that can be leveraged to create a dummy user with _admin role.…

0 Comments

Waldo: Hackthebox walkthrough

Waldo is a medium linux machine from hackthebox. The initial foothold on the box is based on understanding a bunch of .php files that leads to sensitive file read such as the ssh private key. Once inside the box, linux enumeration depicts that there is a docker running. The user of the docker needs to be guessed to get successful entry to…

1 Comment

Jarvis: Hackthebox walkthrough

Hey all! This is Shreya Pohekar. This walkthrough will solve Jarvis from hackthebox. Jarvis is an easy linux machine. The initial foothold on the box is based on exploiting the sqli to gain creds of dbadmin. Phpmyadmin is accessible to the users and can be logged via the creds of dbadmin. The initial shell can be obtained by uploading a web shell…

1 Comment