Hack The Box released a machine named Falafel in 2018. The difficulty set by the community and HTB is Hard, and I can see why, considering the machine required quite a few different attack types, including blind SQL injection, password cracking, type juggling, file upload bypass, and abusing Linux permissions and group misconfigurations to finally …
Read More “OSWE Prep – HTB Falafel – No SQLMap”
Nibbles from Offensive Security is a great example of getting root on a box by just “Living off the Land”. This boot-to-root includes no exploitation scripts and shows the importance of hardening systems before deploying to production. Now, on to the hacking. Reconnaissance: We start off with a basic nmap scan. First, let's …
Read More “Offensive Security – Proving Grounds – Nibbles Write-up – No Metasploit”