ssti

Hack The Box: CodePartTwo Machine Walkthrough – Easy Diffculty

by darknite
2026-01-31

Just finished CodePartTwo on Hack The Box — a fun Easy-rated Linux box that taught me a lot!

Initial access came via a js2py sandbox escape in their online JavaScript code editor (CVE-2024-28397 style prototype chain abuse) → reverse shell as ‘app’.
Post-exploitation: found users.db in /app/instance → quick Python HTTP server exfil → local sqlite3 dump → two MD5 hashes. CrackStation instantly revealed marco’s password (sweetangelbabylove).
Lateral move: SSH as marco → user.txt claimed.

Privesc: sudo -l gave NOPASSWD /usr/local/bin/npbackup-cli. After inspecting npbackup.conf (stdin_from_command hint), I used –external-backend-binary to point to my malicious reverse shell script → root shell → root.txt captured.

Loved how it combined modern sandbox escape with classic sudo misconfig abuse. Solid box for anyone practicing foothold → lateral → root paths.

#HackTheBox #CTF #PenetrationTesting #Cybersecurity #PrivilegeEscalation #SandboxEscape #LinuxPrivilegeEscalation #RedTeamOps #BugBountyHunter #EthicalHacking

Hack The Box: Trickster Machine Walkthrough – Medium Difficulty

by darknite
2025-02-01

Introduction to Trickster: In this write-up, we will explore the “Trickster” machine from Hack The Box, categorized as a medium-difficulty challenge. This walkthrough will cover… Read More »Hack The Box: Trickster Machine Walkthrough – Medium Difficulty

Hack The Box: Sandworm Machine Walkthrough – Medium

by darknite
2023-11-18

In this post, I would like to share a walkthrough of the Sandworm Machine from Hack the Box This room will be considered a medium machine… Read More »Hack The Box: Sandworm Machine Walkthrough – Medium

HackTheBox: Redpanda Machine Walkthrough – Easy Difficulty

by darknite
2023-02-22

In this post, I would like to share a walkthrough of the RedPanda Machine from Hack the Box This room will be considered an Easy machine on… Read More »HackTheBox: Redpanda Machine Walkthrough – Easy Difficulty

Hack The Box: Late Machine Walkthrough – Easy Difficulty

by darknite
2023-02-22

In this post, I would like to share a walkthrough of the Late Machine from Hack the Box This room will be considered an Easy machine on Hack… Read More »Hack The Box: Late Machine Walkthrough – Easy Difficulty

HackTheBox: Talkative Machine Walkthrough – Hard Difficulty

by darknite
2023-02-25

In this post, I would like to share a walkthrough of the Talkative Machine from Hack the Box This room will be considered as a Hard machine on Hack… Read More »HackTheBox: Talkative Machine Walkthrough – Hard Difficulty

Hack The Box: GoodGames Machine Walkthrough – Easy Difficulty

by darknite
2023-02-22

In this post, I would like to share a walkthrough of the GoodGames Machine from Hack the Box This room will be considered as an Easy machine on Hack… Read More »Hack The Box: GoodGames Machine Walkthrough – Easy Difficulty

HackTheBox: Bolt Walkthrough – Medium Difficulty

by darknite
2023-02-24

In this post, I would like to share a walkthrough of the Bolt Machine from HackTheBox This room has been considered difficulty rated as a medium machine on HackThebox… Read More »HackTheBox: Bolt Walkthrough – Medium Difficulty

Hackthebox: Spider Machine Walkthrough – Hard Difficulty

by darknite
2023-03-08

In this post, i would like to share a walkthrough on Spider Machine. This room has been considered difficulty rated as HARD machine Information Gathering on Spider machine Once… Read More »Hackthebox: Spider Machine Walkthrough – Hard Difficulty