imported>Aghanim at 00:00, 16 February 2026

2026-02-16T00:00:00Z

New page

= Write-ups =

== HackTheBox ==

=== Windows ===
{| class="wikitable sortable" style="width:100%"
|-
! Box !! Difficulty !! Key Techniques
|-
| [[Write-ups/HTB/Active|Active]] || Medium || SMB, GPP Passwords, Kerberoasting
|-
| [[Write-ups/HTB/ArcheType|ArcheType]] || Easy || SMB, MSSQL
|-
| [[Write-ups/HTB/Arctic|Arctic]] || Easy || ColdFusion, File Upload, MS10-059
|-
| [[Write-ups/HTB/Bastion|Bastion]] || Easy || SMB, VHD Mount, SAM Dump
|-
| [[Write-ups/HTB/Blue|Blue]] || Easy || EternalBlue, MS17-010
|-
| [[Write-ups/HTB/Bounty|Bounty]] || Easy || IIS, web.config Upload, Juicy Potato
|-
| [[Write-ups/HTB/Buff|Buff]] || Easy || Gym Management RCE, Chisel, CloudMe BOF
|-
| [[Write-ups/HTB/Devel|Devel]] || Easy || FTP, IIS, Kernel Exploit
|-
| [[Write-ups/HTB/Forest|Forest]] || Easy || AD, ASREPRoast, BloodHound, DCSync
|-
| [[Write-ups/HTB/Grandpa|Grandpa]] || Easy || IIS 6 BOF, Token Kidnapping
|-
| [[Write-ups/HTB/Granny|Granny]] || Easy || WebDAV, IIS, Token Kidnapping
|-
| [[Write-ups/HTB/Jerry|Jerry]] || Easy || Tomcat, Default Credentials, WAR Upload
|-
| [[Write-ups/HTB/Legacy|Legacy]] || Easy || MS08-067, MS17-010
|-
| [[Write-ups/HTB/Love|Love]] || Easy || SSRF, AlwaysInstallElevated
|-
| [[Write-ups/HTB/Optimum|Optimum]] || Easy || HFS RCE, Kernel Exploit
|}

=== Linux ===
{| class="wikitable sortable" style="width:100%"
|-
! Box !! Difficulty !! Key Techniques
|-
| [[Write-ups/HTB/Armageddon|Armageddon]] || Easy || Drupalgeddon2, Snap Privesc
|-
| [[Write-ups/HTB/Bashed|Bashed]] || Easy || phpbash, Kernel Exploit
|-
| [[Write-ups/HTB/Beep|Beep]] || Easy || Elastix RCE, Multiple Vectors
|-
| [[Write-ups/HTB/CAP|CAP]] || Easy || PCAP Analysis, SUID
|-
| [[Write-ups/HTB/FriendZone|FriendZone]] || Easy || LFI, SMB, Python Library Hijack
|-
| [[Write-ups/HTB/Horizontall|Horizontall]] || Easy || Strapi RCE
|-
| [[Write-ups/HTB/Irked|Irked]] || Easy || IRC, UnrealIRCd Backdoor
|-
| [[Write-ups/HTB/Lame|Lame]] || Easy || Samba, distcc
|-
| [[Write-ups/HTB/Nibble|Nibble]] || Easy || Nibbleblog File Upload
|-
| [[Write-ups/HTB/OpenAdmin|OpenAdmin]] || Easy || OpenNetAdmin RCE
|-
| [[Write-ups/HTB/Poison|Poison]] || Medium || LFI, VNC Tunneling
|-
| [[Write-ups/HTB/Previse|Previse]] || Easy || IDOR, Command Injection
|-
| [[Write-ups/HTB/ScriptKiddie|ScriptKiddie]] || Easy || msfvenom Template Injection
|-
| [[Write-ups/HTB/Sense|Sense]] || Easy || pfSense Default Creds
|-
| [[Write-ups/HTB/Shocker|Shocker]] || Easy || ShellShock
|-
| [[Write-ups/HTB/Tabby|Tabby]] || Easy || Tomcat LFI, LXD Privesc
|-
| [[Write-ups/HTB/Valentine|Valentine]] || Easy || Heartbleed
|}

=== Other ===
{| class="wikitable sortable" style="width:100%"
|-
! Box !! OS !! Difficulty !! Key Techniques
|-
| [[Write-ups/HTB/Sunday|Sunday]] || Solaris || Easy || Finger Enumeration
|}

== TryHackMe ==
{| class="wikitable sortable" style="width:100%"
|-
! Room !! OS !! Difficulty !! Key Techniques
|-
| [[Write-ups/THM/Attacktive Directory|Attacktive Directory]] || Windows || Medium || AD, Kerberos, ASREPRoast
|-
| [[Write-ups/THM/Mr Robot|Mr Robot]] || Linux || Medium || WordPress, SUID
|-
| [[Write-ups/THM/Pickle Rick|Pickle Rick]] || Linux || Easy || Web Enumeration, Command Injection
|-
| [[Write-ups/THM/Skynet|Skynet]] || Linux || Easy || SMB, Cuppa CMS RFI, Cron Wildcard
|}

[[Category:Write-ups]]

Write-ups - Revision history

imported>Aghanim at 00:00, 16 February 2026