Neville Iregi in m0ng00s3-blog.hashnode.dev · Apr 30 · 14 min read
Hack The Box: Bike
Bike is a Linux machine that introduces Server-Side Template Injection (SSTI) in a Node.js application using the Handlebars template engine. The SSTI in the web application can be leveraged to escape

Neville Iregi in m0ng00s3-blog.hashnode.dev · Mar 21 · 12 min read
Hack The Box Lab: Three
Organizations of every type, size, and industry are using the cloud for a wide variety of use cases, such as data backup, storage, disaster recovery, email, virtual desktops, software development and

Ch4os1 in ch4os1.hashnode.dev · Mar 16 · 3 min read
Installing the Latest Certipy on HTB Pwnbox: A Step-by-Step Guide
If you're doing Active Directory certificate attacks on HackTheBox, you've probably heard or used Certipy - the incredible tool by Oliver Lyak for PKI abuse. However, if you've tried installing it on

Adham in cyberlabhelp.hashnode.dev · Feb 8 · 3 min read
HackTheBox Dancing (Windows Room) — Full Walkthrough
This article covers a mix of theoretical knowledge and hands-on practice focused on the SMB (Server Message Block) protocol. Using the Dancing room on HackTheBox, I demonstrate how basic SMB enumeration works in a real environment and how misconfigur...

MOHIT SINGH PAPOLA in blog.reapsec.com · Jan 23 · 7 min read
Outdated
OVERVIEW ENUMERATION So we are given IP now let’s start the enumeration using Nmap So this time aside from the regular ports we got a Port 25 opened running SMTP service so it might could give us some lead and also we got the Domain and DC name s...

MOHIT SINGH PAPOLA in blog.reapsec.com · Jan 8 · 8 min read
Vintage
OVERVIEW As you can see we got an IP and this time we are given starting credential of a valid user so let’s first start the enumeration with NMAP ENUMERATION The scan looks normal so let’s use the given credential in each service but before that ...

MOHIT SINGH PAPOLA in blog.reapsec.com · Jan 4 · 4 min read
Manager
OVERVIEW So Like always we got our IP Address so now let’s scan it using NMAP ENUMERATION So we have lot of ports so let’s enumerate each one of them one by one but don’t forget to add the Domain and DC name in your /etc/hosts file Let’s start fro...

MOHIT SINGH PAPOLA in blog.reapsec.com · Jan 3 · 9 min read
Strutted
OVERVIEW So we are given IP Address let’s start the enumeration using NMAP ENUMERATION Let’s analyze these ports specifically Port 80 and don’t forget to add strutted.htb into /etc/hosts Here we can see there is an upload functionality but only J...

MOHIT SINGH PAPOLA in blog.reapsec.com · Dec 28, 2025 · 6 min read
Authority
OVERVIEW So we are given an IP address let’s scan it using Nmap ENUMERATION So we got so many open ports Let’s check them and don’t forget to add the Domain name in /etc/hosts file I checked Port 80 and it is an IIS Windows Server and doesn’t hav...

MOHIT SINGH PAPOLA in blog.reapsec.com · Dec 25, 2025 · 5 min read
VulnCicada
OVERVIEW So we have given IP address of the machine so Let’s head to Nmap to scan this IP ENUMERATION So these are the ports open and domain and domain controller name Be sure to add these into /etc/hosts So Port 2049 caught my eye which has nfs ...