
git-dumper

Hack The Box: Gavel Machine Walkthrough – Medium Difficulty

Completed the Gavel (Medium) machine on Hack The Box. The initial foothold came from an exposed .git directory that leaked the application’s source code and bcrypt password hashes. After cracking the credentials with John the Ripper, I gained access and achieved a reverse shell through command injection in the admin rule field. Reusing the cracked credentials allowed privilege escalation to the application user and retrieval of the user flag.

Root access was obtained by abusing the gavel-util submission feature, which executed YAML rule fields using PHP system(). By overwriting the custom php.ini to remove restrictions and creating a SUID Bash binary, it was possible to spawn a root shell and capture the final flag.

#HackTheBox #HTB #CyberSecurity #EthicalHacking #PenetrationTesting #RedTeam #LinuxSecurity #WebSecurity #PrivilegeEscalation #CTF

Hack The Box: Dog Machine Walkthrough (Easy Difficulty)

Exploited exposed credentials in a .git repository to access Backdrop CMS, then used a remote command execution vulnerability (EDB-ID: 52021) for a reverse shell. Escalated to root by leveraging a misconfigured bee binary with sudo privileges, capturing both user and root flags.

#Cybersecurity #HackTheBox #PenetrationTesting #CTF #WebExploitation #PrivilegeEscalation #EthicalHacking #InfoSec #CyberSec #Hacking

Hack The Box: Cat Machine Walkthrough – Medium Difficulty

Hack The Box Success: Cat Machine Write-Up Published!

I’ve just published my personal write-up for the Cat machine on Hack The Box. In this challenge, I gained the user flag by exploiting a Stored XSS vulnerability to capture the admin session cookie, followed by an SQL Injection to extract credentials and gain SSH access. For the root flag, I took advantage of a vulnerable image processing script owned by root, crafting a payload to gain a root shell and retrieve the flag. The full write-up dives into each step, the logic behind the attacks, and key takeaways.

#CyberSecurity #HackTheBox #PenetrationTesting #EthicalHacking #CTF #WriteUp #XSS #SQLi #PrivilegeEscalation #InfoSec #CTFWriteup