Casey Mullineaux

Sign in Subscribe

hackthebox

HackTheBox - Sense

HackTheBox - Sense

This challenge demonstrates that it’s not just servers that are vulnerable to attack. Firewalls and other internet facing appliances can also provide an avenue for an attacker to exploit and gain a foothold on your network. Enumeration Starting with a basic nmap scan, I uncover a web server listening

HackTheBox - Mirai

HackTheBox - Mirai

This IoT themed HackTheBox challenge shines a light on the problems associated with a rapid explosion of internet connected devices. As cheap mini-computers such as the RaspberryPi become easily accessible to consumers, it’s clear that securing these devices can be easily overlooked. This challenge was pretty simple and straightforward

HackTheBox - SolidState

HackTheBox - SolidState

This ‘real world company’ exercise demonstrates what can happen if your support staff email user’s credentials in plain text. After exploiting the mail server and hunting around in user’s email, I was able to take advantage of user credentials combined with misconfigured file permissions to compromise the system.

HackTheBox - Blocky

HackTheBox - Blocky

This Minecraft themed exercise demonstrates the importance of not hard coding credentials when developing software. After discovering credentials left by a sloppy developer in a Minecraft Addon, I was able to use them to compromise the entire system. Recon nmap First thing’s first. nmap -sV -sC -oA nmap 10.