Tag: CTF
All the articles with the tag "CTF".
All Posts
HTB • CTF • Lantern • Write-Up
Published: at 08:54 PMHack The Box CTF - Lantern. SSRF, DLL Information Disclosure, File Upload Vulnerability, Execution of malicious DLL, PrivEsc with write process monitoring.
HTB • CTF • MonitorsThree • Write-Up
Published: at 02:06 PMHack The Box CTF - MonitorsThree. SQLI via visible error messages, Cacti RCE, Duplicati Auth Bypass, Docker Volume Misconfiguration
HTB • CTF • Sea • Write-Up
Published: at 10:39 AMHack The Box Sea write-up: use XSS to get RCE in WonderCMS, pivot into a user shell, then abuse a log-viewer LFI behind HTTP Basic auth to read /root/root.txt directly.
HTB • CTF • Resource • Write-Up
Published: at 04:00 PMHack The Box Resource write-up: PHAR-based ZIP upload to get RCE, MySQL creds from the app, secrets in a HAR file, and SSH certificates to move from containers to the host.