HackTheBox - NanoCorp Writeup (Protected)
All articles on this blog are licensed under CC BY-NC-SA 4.0 unless otherwise stated.
Related Articles
2025-07-06
HackTheBox - RustyKey Writeup
IntroductionPurposeThe purpose of this assessment is to evaluate the security of the RustyKey domain by simulating a real-world cyber attack. The goal is to identify vulnerabilities that malicious attackers could exploit to gain unauthorized access, escalate privileges, and compromise sensitive information, thereby providing detailed information about the security weaknesses of the environment. Scope and ObjectivesThe scope of the assessment is limited to the RustyKey domain, a simulated env...
2025-03-31
HackTheBox - DarkCorp Writeup
IntroductionThis technical writeup details the penetration test of the “DarkCorp” machine from Hack The Box, rated as Insane difficulty. The assessment demonstrates a sophisticated attack chain involving a critical XSS vulnerability in Roundcube webmail, SQL injection in a dashboard application, Active Directory certificate services exploitation, and various privilege escalation techniques. Attack NarrativeThe following sections provide a detailed chronological account of the penetration tes...
2025-11-04
HackTheBox - AWS Fortress Writeup (Protected)
2025-10-20
HackTheBox - Hercules Writeup (Protected)
2025-05-21
HackTheBox - Infiltrator Writeup
IntroductionInfiltrator is an Insane-difficulty Windows Active Directory machine that demonstrates a sophisticated attack chain involving username enumeration, Kerberos exploitation, Windows Remote Management (WinRM), and Active Directory certificate services abuse. The machine showcases real-world attack scenarios including password cracking, privilege escalation through Active Directory permissions, and exploitation of misconfigured certificate templates. Attack NarrativeThe penetration te...
2025-05-18
HackTheBox - Puppy Writeup [VIE Language]
Về thông tin Thông tin chung IP Address : 10.10.11.70 Hệ điều hành (Distribution) Microsoft Windows Server 2022 Standard Kernel OS Version 10.0.20348 N/A Build 20348 Phần mềm Web Server và Version Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) Port Available 53, 88, 111, 135, 139, 389, 445, 464, 593, 636, 2049, 3260, 3268, 3269, 5985 Enumeration (Thu thập dữ liệu)1As is common in real life pentests, you will start the Puppy box with credentials for the following account: lev...
