HackTheBox
Time
· ☕ 9 min read · ✍️ M4t35Z
My HackTheBox Time writeup (Jackson rce --> Weak permissions)

Feline
· ☕ 12 min read · ✍️ M4t35Z
A box featuring java deserialization multiple CVE's and a docker privesc

Omni
· ☕ 6 min read · ✍️ M4t35Z
HackTheBox Omni writeup. A Windows IOT box, with PSCredential encrypted flags

OpenKeyS
· ☕ 4 min read · ✍️ M4t35Z
Writeup for OpenKeyS, a medium OpenBSD box. Web enum --> source --> auth bypass cve --> cookie --> id_rsa --> authroot cve --> root

Sneaky Mailer
· ☕ 10 min read · ✍️ M4t35Z
Subdomain enum --> smtp --> phishing --> creds --> imap --> more creds --> ftp(upload a revshell) --> pypi privesc --> user.txt --> gtfobins --> root.txt

Buff
· ☕ 5 min read · ✍️ M4t35Z
Buff writeup, ENUMERATE EVERYTHING. At the start the box was slow as hell like the majority of windows boxes lmao. Btw here's the process: Website enum --> cve --> Local enum --> cve --> root

Fuse
· ☕ 8 min read · ✍️ M4t35Z
Fuse writeup. http --> crawl --> cme --> passreset --> rpc --> printerpass --> winrm --> groups --> Admin

Blunder
· ☕ 6 min read · ✍️ M4t35Z
Rooting Blunder

Quick
· ☕ 16 min read · ✍️ M4t35Z
My writeup for a hard linux box.

Traceback
· ☕ 5 min read · ✍️ M4t35Z
Traceback was a very enjoyable box. I used a little OSINT in the first part after I got in I used only manual enumeration techinques in order to get to the root user.