avatar
Articles
40
Tags
21
Categories
4
Home
Archives
Tags
Categories
LogoWelcome to 0pwn0's BlogOffSec - The Gaunlet Full Writeup (Protected & Updating) Back to Home
Search
Home
Archives
Tags
Categories

OffSec - The Gaunlet Full Writeup (Protected & Updating)

Created2025-10-06|Updated2025-11-04|CTF
|Post Views:
Author: 0pwn0
Link: https://0pwn0.github.io/2025/10/06/OffSec-TheGaunlet-Writeup/
Copyright Notice: All articles on this blog are licensed under CC BY-NC-SA 4.0 unless otherwise stated.
writeupinsaneoffsecctf
cover of previous post
Previous
HackTheBox - Hercules Writeup (Protected)
cover of next post
Next
HackTheBox - Voleur Writeup
IntroductionThis writeup details the exploitation of the “Voleur” machine from Hack The Box. The primary objectives were to gain unauthorized access, escalate privileges, and retrieve sensitive data, specifically the user and root flags, to evaluate the security posture of the environment. Attack NarrativeThis section provides a detailed account of the red team’s actions, outlining the sequence of events that led to the successful compromise of the Voleur domain. Each step is described with ...
Related Articles
cover
2025-03-31
HackTheBox - DarkCorp Writeup
IntroductionThis technical writeup details the penetration test of the “DarkCorp” machine from Hack The Box, rated as Insane difficulty. The assessment demonstrates a sophisticated attack chain involving a critical XSS vulnerability in Roundcube webmail, SQL injection in a dashboard application, Active Directory certificate services exploitation, and various privilege escalation techniques. Attack NarrativeThe following sections provide a detailed chronological account of the penetration tes...
cover
2025-10-20
HackTheBox - Hercules Writeup (Protected)
cover
2025-05-21
HackTheBox - Infiltrator Writeup
IntroductionInfiltrator is an Insane-difficulty Windows Active Directory machine that demonstrates a sophisticated attack chain involving username enumeration, Kerberos exploitation, Windows Remote Management (WinRM), and Active Directory certificate services abuse. The machine showcases real-world attack scenarios including password cracking, privilege escalation through Active Directory permissions, and exploitation of misconfigured certificate templates. Attack NarrativeThe penetration te...
cover
2025-11-01
HackTheBox - Novitas Writeup (Protected)
cover
2025-06-22
HackTheBox - Artificial Writeup
IntroductionThis writeup details the exploitation of the “Artificial” machine from Hack The Box, which showcases interesting vectors involving AI model manipulation and service exploitation. Attack NarrativeThis section provides a detailed account of the red team’s actions, outlining the sequence of events that led to the successful compromise of the Artificial domain. Each step is described with its technical execution and significance. Initial EnumerationFirst, let’s start with a comprehen...
cover
2025-11-04
HackTheBox - AWS Fortress Writeup (Protected)
avatar
0pwn0
A blog about CTF challenges, security research, and cybersecurity topics
Articles
40
Tags
21
Categories
4
Follow Me
Recent Posts
ESC15 Offensive Deep-Dive Cheatsheet 2025 - Vietnamese Language
ESC15 Offensive Deep-Dive Cheatsheet 2025 - Vietnamese Language2025-11-28
HackTheBox - NanoCorp Writeup (Protected)
HackTheBox - NanoCorp Writeup (Protected)2025-11-09
HackTheBox - AWS Fortress Writeup (Protected)
HackTheBox - AWS Fortress Writeup (Protected)2025-11-04
HackTheBox - Novitas Writeup (Protected)
HackTheBox - Novitas Writeup (Protected)2025-11-01
AD ACLs Cheatsheet
AD ACLs Cheatsheet2025-10-23
© 2025 By 0pwn0Framework Hexo 8.0.0|Theme Butterfly 5.5.1
Search
Loading Database