HTB Luke Writeup by Spenge

Luke was a great box for those looking to up the difficulty a bit when coming from easy boxes. Once again enumeration is key, and the box involved a lot of the basics while looking a bit more in depth at web exploitation and an API, finally we abused the Ajenti web panel to access files and optionally for file upload.

Twitter Facebook LinkedIn RSS

Comments

[CVE-2021-3156] Exploiting Sudo heap overflow on Debian 10 by D3v17

Recently the Qualys Research Team did an amazing job discovering a Heap overflow vulnerability in Sudo. In the next sections, we will analyze the bug and we will write an exploit to gain root privileges on Debain 10.

HTB Rope2 Writeup by FizzBuzz101

Rope2 by R4J has been my favorite box on HackTheBox by far. It wasn’t really related to pentesting, but was an immersive exploit dev experience

BirdsArentReal

HTB Luke Writeup by Spenge

Comments

You May Also Enjoy

[CVE-2021-3156] Exploiting Sudo heap overflow on Debian 10 by D3v17

HTB Rope2 Writeup by FizzBuzz101

HTB Intense Writeup by FizzBuzz101

HTB Tabby Writeup by dmw0ng