• Search for:

    Tag Archives: docker

    1. Home  - 
    2. Posts tagged "docker"
    25 Oct, 2025
    Hack The Box: Artificial Machine Walkthrough – Easy Diffucilty
    Easy Machine , , , , , , , , , ,

    Hacking the “Artificial” Machine on Hack The Box!

    Conquered the “Artificial” machine on Hack The Box! 🕵️‍♂️ I scanned the target, identified a web server on port 80, and created an account to access its dashboard, where I uploaded a malicious .h5 file to trigger a reverse shell. Using a Docker environment, I gained a shell as the app user, found a SQLite database (users.db), and cracked its password hashes to reveal credentials for user “gael,” allowing me to grab the user flag via SSH from user.txt. For root, I discovered port 9898 running Backrest, forwarded it, and enumerated backup files, finding a bcrypt-hashed password in config.json. Decoding a base64 value yielded a plaintext password, granting access to the Backrest dashboard, where I exploited the RESTIC_PASSWORD_COMMAND to trigger a root shell and secure the root flag from root.txt.

    #Cybersecurity #HackTheBox #CTF #PenetrationTesting #PrivilegeEscalation …

    Learn MoreHack The Box: Artificial Machine Walkthrough – Easy Diffucilty

    5 Apr, 2025
    Hack The Box: Ghost Machine Walkthrough – Insane Difficulty
    Insane Machine , , , , , , , , , , , , , , , , , , , , , , ,

    The initial foothold was gained by exploiting command injection on intranet.ghost.htb:8008/api-dev/scan/, which provided a reverse shell inside a Docker container. From there, I enumerated the environment and discovered credentials that allowed SSH access as Florence Ramirez. By extracting and converting a Kerberos ticket, I authenticated as a legitimate user, escalating access within the system. With access to the Windows environment, I retrieved NTLM hashes for the adfs_gmsa account and leveraged evil-winrm for lateral movement. A reverse shell was established using JokerShell, and privileges were escalated by enabling xp_cmdshell through a debug interface. After uploading EfsPotato.cs and disabling antivirus, I used Mimikatz and Rubeus.exe to dump credentials, ultimately achieving SYSTEM access. This led to the extraction of domain admin credentials and the retrieval of the root flag. Another Insane box down! 💀💻

    #HackTheBox #RedTeam #CyberSecurity #PenTesting #PrivilegeEscalation #EthicalHacking …

    Learn MoreHack The Box: Ghost Machine Walkthrough – Insane Difficulty

    8 Feb, 2025
    HackTheBox:MagicGardens Machine Walkthrough-Insane Difficulty
    Insane Machine , , , , , , , , , , , , , ,

    Introduction to MagicGardens: This write-up will explore the “MagicGardens” machine from Hack The Box, which is categorized as an insanely difficult challenge. This walkthrough will cover the reconnaissance, exploitation, and privilege escalation steps required to capture the flag. Objective on

    Continue ReadingHackTheBox:MagicGardens Machine Walkthrough-Insane Difficulty

    28 Jan, 2025
    Hack The Box: Strutted Machine Walkthrough – Medium Difficulty
    Medium Machine , , , , , , , , , , ,

    Introduction to Strutted: This write-up will explore the “Strutted” machine from Hack The Box, categorized as a medium-difficulty challenge. This walkthrough will cover the reconnaissance, exploitation, and privilege escalation steps required to capture the flag. Objective: The goal of this

    Continue ReadingHack The Box: Strutted Machine Walkthrough – Medium Difficulty

    11 Jan, 2025
    Hack The Box: Sightless Machine Walkthrough – Easy Difficulty
    Easy Machine , , , , , , , , , , , , , ,

    Introduction to Sightless: In this write-up, we will explore the “Sightless” machine from Hack the Box, categorized as an easy difficulty challenge. This walkthrough will cover the reconnaissance, exploitation, and privilege escalation steps required to capture the flag. Objective: The

    Continue ReadingHack The Box: Sightless Machine Walkthrough – Easy Difficulty

    13 Jul, 2024
    Hack The Box: Corporate Machine Walkthrough – Insane Difficulty
    Insane Machine , , , , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Corporate Machine from Hack the Box This room will be considered an Insane machine on Hack the Box What will you gain from the Corporate machine? For the user flag, you need to

    Continue ReadingHack The Box: Corporate Machine Walkthrough – Insane Difficulty

    15 Jun, 2024
    Hack The Box: Crafty Machine Walkthrough – Easy Difficulty
    Easy Machine , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Crafty Machine from Hack the Box This room will be considered an Easy machine on Hack the Box What will you gain from the Crafty machine? For the user flag, you must exploit

    Continue ReadingHack The Box: Crafty Machine Walkthrough – Easy Difficulty

    23 Mar, 2024
    Hack The Box: Analytics Machine Walkthrough – Easy Difficulty
    Easy Machine , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Analytics Machine from Hack the Box This room will be considered an Easy machine on Hack the Box What will you gain from the Analytics machine? For the user flag, you will need

    Continue ReadingHack The Box: Analytics Machine Walkthrough – Easy Difficulty

    4 Feb, 2024
    Hack The Box: Registrytwo machine Walkthrough – Insane Difficulty
    Insane Machine , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Registrytwo Machine from Hack the Box This room will be considered an Insane machine on Hack the Box What will you gain from the Registrytwo machine? For the user flag, you will need

    Continue ReadingHack The Box: Registrytwo machine Walkthrough – Insane Difficulty

    23 Sep, 2023
    Hack The Box: Snoopy Machine Walkthrough – Hard Difficulty
    Hard Machine , , , , , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Snoopy Machine from Hack the Box This room will be considered a Hard machine on Hack the Box What will you gain from the Snoopy machine? For the user

    Continue ReadingHack The Box: Snoopy Machine Walkthrough – Hard Difficulty