• All active posts offline!
    We won’t post here any active machines from HTB anymore also not with passwords.
  • HTB Walkthrough Book
    Summary Foothold After the Nmap scan we see there are only 2 ports open. after poking around we discover the sign up page is vulnerable to an SQL truncation Attack User Once we are logged into the admin and normal site we discover an XSS vulnerability, cause this vulnerability we […]
  • HTB Walkthrough ForwardSlash
    Summary Foothold after some web enumeration we find out there is a backup site which still contains a LFI, after looking around we see there is a dev folder which contains a index.php file, in that file we were able to find credentials. User after successful login we still need […]
  • THM Walkthrough NAX
    NAx is a machine released by Track Hack Me. Summary The website shows a weird page which turns out to be chemical elements after solving this puzzle we are able to download a image file. when we do some stego stuff we are able to get some credentials for […]
  • HTB Walkthrough Tabby
    Summary Tabby is launched on the 20th of June and is rated as an Easy Box. Foothold Nmap shows there are only 3 ports open, 22,80,8080. on port 80 we see a webpage that is vulnerable to LFI User After finding the LFI and the right file we get credentials […]
  • HTB Walkthrough ServMon
    Servmon has been released on 11th of April and has been retired on 20th of June. Servmon is an Easy rated machine. Foothold First we see we have anonymous access to FTP, there is a file that mentions there should be a passwords.txt on the desktop of nathan, after the […]