Threatninja.net

In this post, I would like to share a walkthrough of the Mentor Machine from Hack the Box This room will be considered a medium machine on Hack the Box What…

What is Varnish’s HTTP cache? To be honest, it’s my debut of hearing about the Varnish HTTP cache and my first time exploiting it. As a result, let’s try to…

What is JWT? For those who are not familiar with JSON tokens, it’s a method to securely exchange data, especially an LFI attack in which the application uses a JSON…

In this post, I would like to share a walkthrough of the Awkward Machine from Hack the Box This room will be considered a medium machine on Hack the Box What…

In this post, I would like to share a walkthrough of the Rainyday Machine from Hack the Box This room will be considered a Hard machine on Hack the Box What…

What is Path Hijacking? Path Hijacking is a method where the bad guys will try to execute their malicious payload by running it from a different path than they are…

In this post, I would like to share a walkthrough of the Photobomb Machine from Hack the Box This room will be considered an Easy machine on Hack the Box What…

This post is an extension of the full writeup on the Response machine that can be found here which we will abuse the AES key Extract the AES file by…

In this post, I would like to share a walkthrough of the Response Machine from Hack the Box This room will be considered an Insane machine on Hack the Box What…

For this ambassador machine, we will try the second method to obtain the root flag. Honestly, I normally didn’t use Metasploit for any machine or activity especially while playing CTF…