Hack the box : Forest Machine Synopsis Forest is an easy difficulty machine, you’re going to have to be curious about all the Recon steps on a Windows environment.You will be able to leak NTLM hashes by obtaining Kerberos TGTs (Ticket Grants Ticket) for those users that have the property ‘Do not require Kerberos pre-authentication’ set (UF_DONT_REQUIRE_PREAUTH). After this step, you will learn how to use BloodHound and find different ways to add your user in the Domain Admin.
Hack the box CTF : Luke Machine Sypnosis Luke is a medium difficulty machine, you’re going to have to be curious about all the steps of Recon (in particular to find critical files to be left by the developer). With this credential, you will create a JWT (JSON Web Token) from admin acccount. After this step, We will be able to find users endpoint from the NodeJs server. There, some credentials are stock and we will have an access to Ajenti on default port (8000).
Hack the box CTF : Sizzle Machine Synopsis Sizzle is an Insane difficulty machine, you’re going to have to be curious about all the steps of Recon. You will bypass SSL cert and perform a RCE with WinRM. After this step, you will learn how to bypass AMSI and AppLocker with MSbuild and CSproj file. Furthermore, a lateral movement will be necessary. from there, we will leak Kerberoas User hash and the NTLM Administrator hash for the final Priv Esc.
Hack the box CTF : Curling Machine Synopsis Curling is an easy difficulty machine, you’re going to have to be curious about all Recon steps. On this box, you will learn how to install a reverse shell with a Joomla plugin, test your skills in forensic with analysis file and recovery admin data. The last step will learn you how to use admin script with root access. The machine was a bit CTFish but very interesting to learn other method and exploit in Joomla CMS, thank you @L4mpje !
Hack the box CTF : Carrier Machine Synopsis Carrier is a medium difficulty machine, you’re going to have to be curious about all the steps of Recon. you will perform an RCE to a reverse shell and you will finish to learn how to do bgp hijacking. The author of this machine did a really great job, thank you @snowscan for this one, I had to learn a lot about Border Gateway Protocol (BGP) !
Hack the box CTF : ETHEREAL Machine Synopsis Ethereal is a insane difficulty machine, a little bit CTF-ish, but you will learn how to use DOSBOX, craft a RCE through OpenSSL, craft a shortcut with LNKUp and inject your command into it and build your own MSI file to run root command. The creation of this machine required an enormous and remarkable amount of work. In any case, well done to the creator @MinatoTW and @egre55 !
Hack the box CTF : YPUFFY Machine Synopsis Ypuffy is a medium difficulty machine that highlights the risks of exposing sensitive information with samba. This box will learn you how certificates can be used for signing ssh keys. To finish, this box can be very interesting to know how a OpenBSD machine works and his root config. Presentation Ypuffy was put online on 15/09//2018 and was withdrawn on 09/02/2019.
Hack the box CTF : Mischief Machine Synopsis Mischief is a hard to insane difficulty machine that highlights the risks involved with exposing SNMP, and the dangers of passing credentials over the command line. It also features a “ping” admin page - functionality often found on appliances, which is worth testing for RCE vulnerabilities. “trickster0 - Machine maker” Presentation Mischief was put online on 07/07/2018 and was withdrawn on 5/01/2018.
Hack the box CTF : Secnotes Machine Synopsis Secnotes is a medium difficulty machine that highlights the risks of SQL Injection. Connection elements are lying around on the site, they will be used without the administrator’s knowledge and may give access to SMB resources. From this point we will be able to upload a reverse-shell and make a privilege elevation in the Ubuntu environment for Windows 10. Presentation Secnotes was put online on 07/07/2018 and was withdrawn on 5/01/2018.