HTB challenge: LoveTok (php addslashes restricted quotes bypass)

The challenge

On a recent hackthebox challenge the following code required to be exploited to get the flag:
<?php
class TimeModel
{
public function __construct($format)
{ 
$this->format = addslashes($format);

[ $d, $h, $m, $s ] = [ rand(1, 6), rand(1, 23), rand(1, 59), rand(1, 69) ];
$this->prediction = "+${d} day +${h} hour +${m} minute +${s} second";
}

public function getTime()
{
eval('$time = date("' . $this->format . '", strtotime("' . $this->prediction . '"));');
return isset($time) ? $time : 'Something went terribly wrong';
}
}
Continue reading “HTB challenge: LoveTok (php addslashes restricted quotes bypass)”

HTB: Networked walkthrough

“Networked” Info Card  
Slight hint(s): Unrestricted file upload, bypass image upload restriction, bypass mimetype restriction
Slight hint(s) (PE): shell command injection, unescaped variable command injection
Continue reading “HTB: Networked walkthrough”

Haystack – hackthebox.eu walkthrough

This is a walkthrough on the machine called Haystack on hackthebox.eu, which most users found frustrating and/or annoying. Personally I would describe it more as a kind of annoying box, and although rated as easy my personal opinion is at least the Privilege Escalation part should be falling a bit more into the intermediate category. cat >> /etc/hosts <<<“10.10.10.115 haystack.htb”
Continue reading “Haystack – hackthebox.eu walkthrough”

OSCP – the road from failing to 105

Introduction to my OSCP Journey

Although this post is mentioned to be an overall overview and resource on how to prepare for OSCP, it is kind of targeted to those who didn’t manage to pass on their first attempt. As I am one of those guys too, and that made me make the necessary adjustments in my learning process. There are tons of reviews on OSCP regarding someone getting the certification after their first exam, and I am not one of them. Yes, I failed it. And do I regret it? Hell no. I dedicated to it and learned tons of stuff since my first exam attempt, and this post will be pointed towards those who failed their OSCP exam attempts and what to stress on when preparing how to successfully achieve the requirements for the OSCP certification.
Continue reading “OSCP – the road from failing to 105”