HackTheBox – Simon Baeg

Letter Despair (HTB Business CTF 2022: Dirty Money)

Letter Despair is a simple Web challenge provided by HackTheBox as part of their Business CTF: Dirty Money. This challenge is very simple, a single .PHP file was provided which indicates the vulnerability is likely to be discovered by some form of code review. A screenshot of the application can be seen below: My firstContinue reading →

20 July 202023 January 2025 ctf, hackthebox, php

[HackTheBox] Forest

Enumeration I started off with an Nmap scan on the target. We can observe that the host is Windows Server with Active Directory services running. With this in mind, I ran enum4linux to see if there were any other information I could extract from the host. Exploitation (User) After obtaining the user accounts, I attemptedContinue reading →

31 March 202023 January 2025 active-directory, bloodhound, ctf, hackthebox

[HackTheBox] Olympus

Enumeration I started off with a simple NMAP scan on the target. A quick glance at the the open ports show nothing too unusual, except maybe the ssh port open on 2222. I navigated to the http service and all it contained was a simple image. I also decided to run a nikto scan toContinue reading →

13 May 201823 January 2025 ctf, docker, hackthebox