HackTheBox – Valentine CTF walkthrough
Marceli Looks like heart with bleed.. 22 ssh OpenSSH 5.9.p1 5ubuntu1.1080 http Apache 2.2.22443 https Apache 2.2.22 AES-128-CBC encrypted RSA private key I tried to crack this, but I couldn't. Vulnerabilities…
February 2022
HackTheBox – Node CTF walkthrough (BoF)
Initial scan shows 2 open ports
HackTheBox – Sense CTF walkthrough
Looks like some old version of pfsense. Default credentials (admin:pfsense) doesn't work. Only http/https ports are opened Nothing interesting so far Certificate date Username is exposed rohit:pfsense works: Version: 2.1.3…
HackTheBox – Markup CTF walkthrough
After going back to login page, I tried a few default credentials and one trivial combination worked. We are logged as "Customer" No hints from cyberchef Nothing interesting about technologies…
HackTheBox – Included CTF walkthrough
After going to http site, user is being redirected to: So I decided to try /etc/passwd Host is vulnerable to local file inclusion There are users related to tftp service…
HackTheBox – Unified CTF walkthrough
Port 8443 It looks like it is a Unify app vulnerable to Log2j - CVE-2021-44228 If app is facing public network you can check if site is vulnerable by testing…
HackTheBox – Vaccine CTF walkthrough
Initial scan of Vaccine shown 3 open ports.
HackTheBox – Oopsie CTF walkthrough
Initial scan of “Oopsie”:
HackTheBox – Nibbles CTF walkthrough
Initial scan: