Hits & Summary

Hack the Box, try harder and harder

Name

Skill

Initial Flag

Root Privilege

Ready - Linux (Medium)

CVE +

Docker Container

CVE - RCE

Docker Container Escape

Blackfield - Windows (Hard)

AD Enum

Kerberos pre-authentication +

Less.dmp analysis +

NTLM hash

Using the backup account to gain access to NTDS.dit

Love - Windows (Easy)

PHP exploit, Windows PE

PHP exploit

Windows PE - AlwaysInstallElevated Policy

CAP - Linux

(Easy)

Wireshark + Linux PE (SUID)

pcap analysis - FTP password disclosed

SUID (Capabilities )

BountyHunter - Linux (Easy)

XXE + python hacking

XXE

Sudo, with python hacking script