hackthebox
-
Read more: Visual – Hack The Box – @lautarovculicUser.txt We note that the only open port is 80:HTTP After configuring as usual the /etc/hosts file, let’s take a look at the content of the web page, underneath, we find a functionality; which as it indicates, we can send a repository. But first, take a close look at the following message: Basically, a Git…
-
Read more: Keeper – Hack The Box – @lautarovculicUser.txt First we are going to configure the /etc/hosts file According to nmap, we have port 22 and 80 open. We see that keeper.htb redirects us to another page with a subdomain, we will also add it to /etc/hosts to be able to reach it. I tried enumerating with dirb, but to no avail. I…
-
Read more: Supermarket – Hack The Box – @lautarovculicDifficult: Medium Category: Mobile OS: Android Description: My supermarket list is too big and I only have $50. Can you help me get the Discount code? Download the .zip and install the APK vía ADB. adb install -r supermarket.apk Reading the application code and taking into account the description of the challenge, apparently we have…
-
Read more: SAW – Hack The Box – @lautarovculicDifficult: Medium Category: Mobile OS: Android (SDK ≥ 29) Description: The malware forensics lab identified a new technique for hiding and executing code dynamically. A sample that seems to use this technique has just arrived in their queue. Can you help them? When you download the .zip file and extract them, we can see that…
-
Read more: APKey – Hack The Box – @lautarovculicDifficult: Easy Category: Mobile OS: Android (SDK 30) Description: This app contains some unique keys. Can you get one? First, we need download the .apk For this mobile challenge,we need install an Android device with SDK 30 (Android 11 máx) with Genymotion. Decopile the .apk with apktool apktool d APKey.apk Here we can see that…
-
Read more: SeeTheSharpFlag – Hack The Box – @lautarovculicDifficult: Medium Category: Mobile OS: Android Description: I have made a password verification app. If I can remember the password, the app will tell me it is correct. See if you can guess my password. The first step that we need to do is download the .zip file and extract the .apk with apktool Looking…
-
Read more: Hack The Box – Clicker – @lautarovculicUser.txt As usual, let’s first configure the /etc/hosts file. Now we will see what nmap tells us. We see that you have ports 22, 80, 111 and 2049 open. There is an NFS, let’s see what it contains. showmount -e 10.10.11.232 The /mnt/backup directory is shared! We are going to mount it on our local…
-
Read more: Hack The Box – Cryptohorrific – @lautarovculicDifficult: Medium Category: Mobile OS: iOS Description: Secure coding is the keystone of the application security! After downloading the compressed file and decompressing it, we will have a folder where inside we find the files we need: The hackthebox file, is the main file of the program that contains the binary files. The .plist file…
-
Read more: Hack The Box – Sau – @lautarovculicUser.txt First we will configure the file /etc/hosts with the IP and sau.htb Then we will do a scan with nmap to obtain information about the ports and services available on the machine. Well, port 80 keeps thinking. So apparently the entry point is port 55555. Let’s take a look. We have Request-Basket version 1.2.1,…
-
Read more: Hack The Box – Pilgrimage – @lautarovculicThis writeup are available in my GitHub.