HackTheBox – Photobomb Write-up

Hi everyone! This write-up is on an easy Linux machine which focused on enumerating the webpage source for backdoor access to login to a webpage, using command injection vulnerability for initial access, and path hijacking via sudo for root privilege. Let’s get started! 1. Nmap enumeration $ IP= $ sudo nmap -sC -sV -p- $IP […]

HackTheBox – Knife Write-up

Dear readers, Today’s post is on Knife, a HackTheBox easy machine that is based on GNU/Linux. It was created on 24th May 2021. This machine is mostly about finding a CVE-liked vulnerability in the web application and using Knife for privilege escalation. Let’s get started! Tools required Nmap Burpsuite Python3 (Optional) If you are using […]