Welcome back everyone! Today I’ll be documenting my process through the retired Hack the Box machine, ‘Jeeves’. We’ll obtain initial access by exploiting an exposed Jenkins server that is insecurely configured, and escalate our privileges by cracking a password-protected Keepass Database file to obtain an Administrator password hash. As the final step, we’ll take this […]
Hello again everyone. Today’s walk-through will be covering the retired Hack the Box machine, ‘Shocker’. This was a fun machine covering the basics of the famous ‘Shellshock’ exploit. The privilege escalation was incredibly simple if you know where to look, but it offers a good example of a simple enumeration you should always try when […]
Hello again everyone. This time around I’ll be documenting my process through the retired Hack the Box machine ‘October’. This machine was a pain for me. This was my first experience attempting to defeat Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), and it took a lot of research and trial and error […]
Hey everyone, today I’ll be documenting my process through the retired Hack the Box machine, ‘Arctic’. I’ll be using Kali Linux as my attacking machine OS. I hope you enjoy this walk-through and learn something new! What we know starting out: Arctic’s IP address is 10.10.10.11 It is running some version of Windows GOAL: Obtain […]
How to set up your own Pi-Hole to block intrusive web ads and speed up your network!