Secnotes : Hackthebox walkthrough

Hey everyone! This is shreya and the blog post covers the step by step guide to pwn secnotes from hackthebox. Secnotes is a medium windows machine. Initial foothold on the box is based on exploiting the sqli on the login page where we get the creds to access smb share. Since we have read.write access on the share, we will be exploiting…

0 Comments

Jarvis: Hackthebox walkthrough

Hey all! This is Shreya Pohekar. This walkthrough will solve Jarvis from hackthebox. Jarvis is an easy linux machine. The initial foothold on the box is based on exploiting the sqli to gain creds of dbadmin. Phpmyadmin is accessible to the users and can be logged via the creds of dbadmin. The initial shell can be obtained by uploading a web shell…

1 Comment

Control : Hackthebox Walkthrough

Hey fellas!! This is Shreya Pohekar and today we’ll be walking through Control from Hackthebox. It was a hard windows machine. The initial foothold (wwwroot) to the machine exploited a sql injection, where I uploaded a web shell using the vulnerability. Getting to the user was pretty straightforward as the sqlmap listed password hashes. Privilege escalation to root required us to read…

0 Comments