Ever since I played Hack The Box, I have wanted to create a box myself. As the time went by, I encountered so much cool vulnerabilities and techniques both in real-world engagements and CTFs, which I thought would be fun to put in a box. The result of this is Response.
→ User (→ bob)
– Enumeration
– Server Side Request Forgery
– Internal Chat Application
– Cross-Protocol Request Forgery
→ Scanning Script (bob → scryh)
– Make own HTTPS Server being scanned
– Setting up own DNS Server
– Setting up own SMTP Server
– Directory Traversal
→ Incident Report (scryh → root)
– Decrypting Meterpreter Session
– Restoring RSA private key
Continue reading “Hack The Box – Response”