Dog machine on HachTheBox is an easy-level machine. For the initial foothold, after first scanning the application it revelas it consists of a CMS with a repository accessible. Under that rep...

Nocturnal machine on HachTheBox is an easy-level machine. After registering on the web portal, we find a flaw that lets us enumerate users and view their uploaded files. From one of these fil...

Cypher machine on HachTheBox is rated as medium difficulty. Initial access is achieved through a Neo4j Cypher injection by leveraging APOC procedures. During enumeration, a file containing cr...

Code machine on HachTheBox is categorized as easy and serves as a practical exercise for learning Python sandbox escape techniques to gain an initial shell. After establishing access, further...

Opacity machine on TryHackMe is boot-to-root machine requires exploiting a file upload vulnerability to gain an initial foothold via a reverse shell. Once inside, we discover a database file ...

Pyrat machine on TryHackMe is a boot2root machine which exposes an HTTP server on a concrete port. By crafting a specific payload, we gain initial shell access on the target machine. While ex...

Mustacchio machine on TryHackMe is an easy-difficulty challenge that requires a blend of web exploitation, cryptographic cracking, and Linux privilege escalation techniques. The journey begins wi...