Tag: CTF
All the articles with the tag "CTF".
All Posts
HTB • CTF • Editorial • Write-Up
Published: at 06:23 PMHack The Box Editorial write-up: turn the upload + URL feature into SSRF, grab internal API credentials, then abuse a Git history leak and a Python clone helper to get root.
HTB • CTF • Sauna • Write-Up
Published: at 09:20 AMHack The Box Sauna write-up: AS-REP roast fsmith, steal Autologon credentials for svc_loanmgr, then use DCSync and pass-the-hash to become Domain Admin.
HTB • CTF • Active • Write-Up
Published: at 09:20 AMHack The Box Active write-up: use a GPP password in Groups.xml to get SVC_TGS, Kerberoast Administrator’s SPN and then pass the ticket to log in as Domain Admin.
HTB • CTF • Forest • Write-Up
Published: at 09:20 AMHack The Box Forest write-up: AS-REP roasting to get svc-alfresco, BloodHound to spot a DCSync path, and ACL abuse to dump Domain Admin credentials with secretsdump.