📚 Published Blogs Posts
HTB - Environment
Environment is a Hack The Box machine exploiting CVE-2024-52301, weak upload filters, and sudo path hijacking to gain root access.
Jul 23, 2025HTB - Runner
Runner is a Hack The Box machine involving subdomain discovery, exploiting a TeamCity vulnerability (CVE-2023-42793) for RCE, escaping a Docker container, and gaining root access via Portainer using CVE-2024-21626 in runc.
Jul 22, 2025HTB - Titanic
Titanic is a Hack The Box machine where path traversal reveals a Gitea database. Cracked credentials allow SSH access, and root is gained by exploiting a vulnerable ImageMagick version (CVE-2024-41817) for remote code execution.
Jul 15, 2025HTB - TwoMillion
TwoMillion is a Hack The Box machine where an invite code flaw leads to account creation, an API bug grants admin, and a VPN config leak allows RCE. SSH access is gained with leaked creds, and root via kernel exploit CVE-2023-0386.
Jun 23, 2025