What is SQL Injection? SQL injection is a well-known web application security vulnerability that can have serious consequences. Exploitation often leads to theft of sensitive information such as passwords, financial data, personally identifiable information, and much more. Big
Year: 2023
Arctic is an awesome Windows machine on Hack The Box that will test your ability to perform basic enumeration and establish initial access by exploiting a directory traversal vulnerability in a web application. Once the attacker gains a foothold, they
Beep is an easy Linux machine on Hack The Box that has a few different options for exploitation. This write-up will showcase an LFI (Local File Inclusion) vulnerability against Elastix. Local File Inclusion vulnerabilities allow attackers to access files
Knife is an easy Linux machine on Hack The Box that is centered around exploitation of PHP 8.1.0-dev. This version of PHP has a backdoor (which isn’t very well hidden) that allows attackers to perform remote code execution. This exploitation
Cap is an easy Linux machine on Hack The Box that will first test your ability to locate an IDOR vulnerability in a web application. Once this vulnerability is identified, you will be able to download a PCAP file and