Editorial from HackTheBox

By Mohammad Yassine in hackthebox on

The journey begins on Hack The Box, navigating through Season 5 Machines. It starts by exploiting a Server-Side Request Forgery (SSRF), which exposes access credentials in an endpoint, allowing you to pwn a machine. The response endpoint leaks critical information that leads to owning a user account. Following this,…

Blurry from HackTheBox

By Mohammad Yassine in hackthebox on

This box was very interesting, starting with exploiting a vulnerability in the ClearML open-source platform, which is used to automate the development of machine learning solutions, to get a shell as a user. By exploiting CVE-2024-24590, we were able to gain initial access. The process involved creating…

BoardLight from HackTheBox

By Mohammad Yassine in hackthebox on

This box involves exploiting Dolibarr 17.0.0 for remote code execution (RCE) as an authenticated user, gaining access as the www-data user. By understanding the exploit and examining the configuration files, credentials can be found to escalate privileges to user. Additionally, the system is vulnerable to CVE-2022-…

One click root | Runner from HackTheBox

By Mohammad Yassine in hackthebox on

The journey begins by using a custom word list to find a subdomain running TeamCity 2023.05.03, which is vulnerable to CVE-2023-42793. This vulnerability allows the creation of a privileged user without authentication. Next, a backup containing a private key is found, providing the first SSH access…