Sskelterinskelter.hashnode.dev·Nov 22, 2021 · 1 min read[HTB] Baby CachedView writeup (Alternative)I came up with this solution, and after capturing the flag, i noticed that all the other writeups made use of the DNS rebinding technique. Checking the code, you'll see that the "/flag" endpoint is only accessible from a local machine. You can either...00
Sskelterinskelter.hashnode.dev·Nov 21, 2021 · 1 min read[HTB] Phonebook writeupThis is a simple one. The login is based on LDAP user authentication. You can login using: Username:* Password:* After this, you can search the phonebook, and a few usernames will pop. We can try to extract passwords from users, and we start by the...00
Sskelterinskelter.hashnode.dev·Nov 20, 2021 · 4 min read[HTB] AbuseHumandb writeupAfaik, this is the first publicly available writeup on this challenge. abusehumandb is a fun one on HackTheBox, but i wouldn’t rate it as “easy”, compared to other easy ones there. . . If you have any questions, leave a comment, but for now, i’d reco...01OC
