SQL Injection

Hack The Box: WhiteRabbit Machine Walkthough – Insane Difficulity

by darknite
2026-02-14

Initial access was achieved through exposed monitoring and documentation services, which leaked internal service names and an unauthenticated workflow configuration. This disclosure revealed sensitive secrets, a vulnerable webhook parameter, and ultimately credentials for a backup system. Abuse of misconfigured backup tooling and sudo privileges allowed extraction of private SSH keys, enabling lateral movement across multiple user accounts and retrieval of the user flag.

Privilege escalation to root involved reverse-engineering a custom SUID binary. Analysis exposed a predictable pseudorandom password generator caused by unsafe seeding logic and an integer overflow, significantly reducing entropy. Recreating the binary locally and brute-forcing the constrained seed space yielded valid credentials, granting SSH access to a privileged user with unrestricted sudo rights and full system compromise.

This machine was a strong example of how exposed internal tooling, poor secret handling, and flawed custom binaries can combine into a complete attack chain.

#HackTheBox #CyberSecurity #OffensiveSecurity #PenetrationTesting #RedTeam #PrivilegeEscalation #ReverseEngineering #LinuxSecurity #Infosec #CTF

Hack The Box: Cat Machine Walkthrough – Medium Diffculity

by darknite
2025-07-05

Hack The Box Success: Cat Machine Write-Up Published!

I’ve just published my personal write-up for the Cat machine on Hack The Box. In this challenge, I gained the user flag by exploiting a Stored XSS vulnerability to capture the admin session cookie, followed by an SQL Injection to extract credentials and gain SSH access. For the root flag, I took advantage of a vulnerable image processing script owned by root, crafting a payload to gain a root shell and retrieve the flag. The full write-up dives into each step, the logic behind the attacks, and key takeaways.

#CyberSecurity #HackTheBox #PenetrationTesting #EthicalHacking #CTF #WriteUp #XSS #SQLi #PrivilegeEscalation #InfoSec #CTFWriteup

Hack The Box: Blazorized Machine Walkthrough – Hard Difficulty

by darknite
2024-11-09

Introduction to Blazorized: This write-up will explore the “Blazorized” machine from Hack The Box, categorized as a Hard difficulty challenge. This walkthrough will cover the… Read More »Hack The Box: Blazorized Machine Walkthrough – Hard Difficulty

Hack The Box: Intentions Machine Walkthrough – Hard Difficulty

by darknite
2023-10-14

In this post, I would like to share a walkthrough of the Intentions Machine from Hack the Box This room will be considered a Hard machine… Read More »Hack The Box: Intentions Machine Walkthrough – Hard Difficulty

HackTheBox: OnlyforYou Machine Walkthrough – Medium Difficulty

by darknite
2023-08-26

In this post, I would like to share a walkthrough of the OnlyforYou Machine from Hack the Box This room will be considered a medium machine… Read More »HackTheBox: OnlyforYou Machine Walkthrough – Medium Difficulty

Hack The Box: Socket Machine Walkthrough – Medium Difficulty

by darknite
2023-07-15

In this post, I would like to share a walkthrough of the Socket Machine from Hack the Box This room will be considered a medium machine… Read More »Hack The Box: Socket Machine Walkthrough – Medium Difficulty

Hack The Box: Metatwo Machine Walkthrough – Easy Difficulty

by darknite
2023-04-30

In this post, I would like to share a walkthrough of the Metatwo Machine from Hack the Box This room will be considered a medium machine… Read More »Hack The Box: Metatwo Machine Walkthrough – Easy Difficulty

Learning Series: SQL Injection attack method

by darknite
2022-10-31

In this post, I would like to share some knowledge about SQL Injection which can be useful during Penetration Testing activity. Before we went deeper… Read More »Learning Series: SQL Injection attack method

Hack the box: Vessel Machine Walkthrough – Hard Difficulty

by darknite
2023-03-26

In this post, I would like to share a walkthrough of the Vessel Machine from Hack the Box This room will be considered a medium machine on… Read More »Hack the box: Vessel Machine Walkthrough – Hard Difficulty

Hack The Box: Shared Machine Walkthrough – Medium Difficulty

by darknite
2023-02-24

In this post, I would like to share a walkthrough of the Shared Machine from Hack the Box This room will be considered a medium machine on… Read More »Hack The Box: Shared Machine Walkthrough – Medium Difficulty