Info Welcome, brave cyber warriors, to the Avenger Training Cyber Security Capture the Flag! Prepare yourselves for a wild and wacky adventure through the treacherous realm of cyberspace. Your mi...

Hospital is a medium-difficulty Windows machine that hosts an Active Directory environment, a web server, and a RoundCube instance. The web application has a file upload vulnerability that allows t...

Summary Team Score 59/950 Personal Score Personal Solves Warmup Over the Wire (part 1) Info Solve Wireshark -> Statistics -> Protocol Hierarchy FTP looks interesting, filt...

Granny, while similar to Grandpa, can be exploited using several different methods. The intended method of solving this machine is the widely-known Webdav upload vulnerability. Recon Hosts p...

Grandpa is one of the simpler machines on Hack The Box, however it covers the widely-exploited CVE-2017-7269. This vulnerability is trivial to exploit and granted immediate access to thousands of I...

Broker is an easy difficulty Linux machine hosting a version of Apache ActiveMQ. Enumerating the version of Apache ActiveMQ shows that it is vulnerable to Unauthenticated Remote Code Execution, whi...

Codify is an easy Linux machine that features a web application that allows users to test Node.js code. The application uses a vulnerable vm2 library, which is leveraged to gain remote code executi...

Redis Server No Password thm@ip-10-10-131-119:~$ ss -ltnp|grep 0.0.0.0 LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0...

Beep has a very large list of running services, which can make it a bit challenging to find the correct entry method. This machine can be overwhelming for some as there are many potential attack ve...

Legacy is a fairly straightforward beginner-level machine which demonstrates the potential security risks of SMB on Windows. Only one publicly available exploit is required to obtain administrator ...

Info This CTF was held by Snyk, and it was mostly around Web challenges My goal was to finish 10+ challenges Summary Certificate Team scoreboard Personal Stats Personal Solves W...

Recon Nmap # Nmap 7.94 scan initiated Tue Oct 24 09:46:26 2023 as: nmap -vv --reason -Pn -T4 -sV -sC --version-all -A --osscan-guess -p- -oN /home/kali/htb/Clicker/results/clicker.htb/scans/_ful...

Forensics Trick or Treat Analyze malicious windows lnk file .\LECmd.exe -f "D:\kali-share\ctf\hacktheboo-2023\Trick or Treat\trick_or_treat\trick_or_treat.lnk" Name: Trick or treat Working D...

Notes Best score Tools Copilot General Prompt Jailbreak XXX Python packages pip install pycryptodome Crypto Hexoding Copilot can do this from base64 import b64decode HEX_...

Manager is a medium difficulty Windows machine which hosts an Active Directory environment with AD CS (Active Directory Certificate Services), a web server, and an SQL server. The foothold involves...