Web · Hard · Linux
HTB — Checker
TeamCity authentication bypass combined with Bookstack SSRF to read internal files and chain into remote code execution.
February 22, 2025 · HackTheBox
#TeamCity #SSRF #Bookstack #RCE
user.txt
sh
reader@checker:~$ ls
user.txt
reader@checker:~$ cat user.txt
a2f4d3b8720114331db12192504dd3f
sh
reader@checker:~$ bash -p
bash-5.1# whoami
root
bash-5.1# cd /root
bash-5.1# ls
root.txt
bash-5.1# cat root.txt
261df822...