• Search for:

    Tag Archives: Path Traversal

    1. Home  - 
    2. Posts tagged "Path Traversal"
    10 Jan, 2026
    Hack The Box: Previous Machine Walkthrough – Medium Difficulty
    Medium Machine , , , , , , , , , , , ,

    🎯 Just rooted the ‘Previous’ machine on Hack The Box!

    Started with a Next.js app exposing a path traversal bug in /api/download, leaked /etc/passwd → found user ‘jeremy’, then extracted the NextAuth provider code revealing credentials.

    Abused .terraformrc dev_overrides to load a malicious custom provider binary.
    Classic NextAuth misconfig + Terraform provider override chain. Loved the creativity!

    #HackTheBox #CTF #PrivilegeEscalation #PathTraversal #NextJS #Terraform #CyberSecurity #PenetrationTesting #BugBounty”

    Learn MoreHack The Box: Previous Machine Walkthrough – Medium Difficulty

    17 May, 2025
    Hack The Box: Heal Machine Walkthrough – Medium Difficulty
    Medium Machine , , , , , , , , , , , , , ,

    Writeup Summary: Heal (Hack The Box)

    This box involved thorough enumeration that uncovered multiple subdomains, including a Ruby on Rails API. Initial access was gained by chaining a Local File Inclusion vulnerability with password cracking and exploiting a LimeSurvey plugin upload vulnerability. Privilege escalation was achieved by identifying and exploiting an exposed Consul service accessible through SSH port forwarding.

    This challenge showcased key red teaming skills: web application exploitation, misconfiguration abuse, credential harvesting, and lateral movement.

    #HackTheBox #CyberSecurity #RedTeam #PrivilegeEscalation #BugBounty #WebSecurity #Infosec #CTF #HTB #OffensiveSecurity #LinuxExploitation …

    Learn MoreHack The Box: Heal Machine Walkthrough – Medium Difficulty