Posts
0xDedinfosec Blog
Cancel

Hackthebox Routerspace Writeup

Hackthebox Routerspace Writeup

Hackthebox release new machine called routerspace, in this machine we get the apk file on port 80 after analyzing the apk we get a new endpoint which is vulnerable with rce and we get the shell thr...

Hackthebox Undetected Writeup

Hackthebox Undetected Writeup

Hackthebox release new machine called undetected, in this machine we find a info file which get us the password and vendor directory reveal the phpunit that vernable to CVE-2017-9841 through that w...

Hackthebox Paper Writeup

Hackthebox Paper Writeup

Hackthebox release new machine called paper, in this machine on port 80 it's first leak the new vhost called office.paper on responce header X-Backend-Server after that wordpress version is vernabl...

Hackthebox Timing Writeup

Hackthebox Timing Writeup

Hackthebox release new machine called timing, in this machine we need to first find LFI with some fuzzing through LFI we need to dump the sorce code of file and get useful information and get the a...

Hackthebox Backdoor Writeup

Hackthebox Backdoor Writeup

In this machine we need to exploit the wordpress plugin called ebook-download to check the file inside server and find one process running gdbserver on port 1337 exploit that to get rev shell as us...