Write-ups

From Wiki Aghanim
Revision as of 00:00, 16 February 2026 by imported>Aghanim
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Write-ups

HackTheBox

Windows

Box Difficulty Key Techniques
Active Medium SMB, GPP Passwords, Kerberoasting
ArcheType Easy SMB, MSSQL
Arctic Easy ColdFusion, File Upload, MS10-059
Bastion Easy SMB, VHD Mount, SAM Dump
Blue Easy EternalBlue, MS17-010
Bounty Easy IIS, web.config Upload, Juicy Potato
Buff Easy Gym Management RCE, Chisel, CloudMe BOF
Devel Easy FTP, IIS, Kernel Exploit
Forest Easy AD, ASREPRoast, BloodHound, DCSync
Grandpa Easy IIS 6 BOF, Token Kidnapping
Granny Easy WebDAV, IIS, Token Kidnapping
Jerry Easy Tomcat, Default Credentials, WAR Upload
Legacy Easy MS08-067, MS17-010
Love Easy SSRF, AlwaysInstallElevated
Optimum Easy HFS RCE, Kernel Exploit

Linux

Box Difficulty Key Techniques
Armageddon Easy Drupalgeddon2, Snap Privesc
Bashed Easy phpbash, Kernel Exploit
Beep Easy Elastix RCE, Multiple Vectors
CAP Easy PCAP Analysis, SUID
FriendZone Easy LFI, SMB, Python Library Hijack
Horizontall Easy Strapi RCE
Irked Easy IRC, UnrealIRCd Backdoor
Lame Easy Samba, distcc
Nibble Easy Nibbleblog File Upload
OpenAdmin Easy OpenNetAdmin RCE
Poison Medium LFI, VNC Tunneling
Previse Easy IDOR, Command Injection
ScriptKiddie Easy msfvenom Template Injection
Sense Easy pfSense Default Creds
Shocker Easy ShellShock
Tabby Easy Tomcat LFI, LXD Privesc
Valentine Easy Heartbleed

Other

Box OS Difficulty Key Techniques
Sunday Solaris Easy Finger Enumeration

TryHackMe

Room OS Difficulty Key Techniques
Attacktive Directory Windows Medium AD, Kerberos, ASREPRoast
Mr Robot Linux Medium WordPress, SUID
Pickle Rick Linux Easy Web Enumeration, Command Injection
Skynet Linux Easy SMB, Cuppa CMS RFI, Cron Wildcard
Retrieved from "https://book.ghanim.no/index.php?title=Write-ups&oldid=1215"