Hack The Box – Response

Ever since I played Hack The Box, I have wanted to create a box myself. As the time went by, I encountered so much cool vulnerabilities and techniques both in real-world engagements and CTFs, which I thought would be fun to put in a box. The result of this is Response.

Introduction
User (→ bob)
    – Enumeration
    – Server Side Request Forgery
    – Internal Chat Application
    – Cross-Protocol Request Forgery
Scanning Script (bob → scryh)
    – Make own HTTPS Server being scanned
    – Setting up own DNS Server
    – Setting up own SMTP Server
    – Directory Traversal
Incident Report (scryh → root)
    – Decrypting Meterpreter Session
    – Restoring RSA private key

Continue reading “Hack The Box – Response”

Hack The Box – Rope

This article contains my writeup on the machine Rope from Hack The Box. I really enjoyed the box, since it provides a total of three custom binaries, which are supposed to be exploited 🙂

The article is divided into the following parts:

User
    – Initial Recon
    – httpserver
    – Leak Memory Address
    – Exploit Format String Vulnerability
    – Escalating from john to r4j (readlogs)

Root
    – Local Recon
    – contact
    – Bruteforce
    – Libc Leak
    – Final Exploit

Continue reading “Hack The Box – Rope”