A blog about cybersecurity by Cybix AB

Writeup for the easy ranked THM room Dear QA


This writeup describes how I approached the room Dear QA from Try Hack Me. This room is based on Linux and it is rated easy. I have been thinking about starting a series of articles about binary exploitation. Perhaps starting at the very easiest basics and building from that. This room seems like a very good first post on this subject. It’s the easiest kind of binary exploitation you could do.…
Read more ⟶

Writeup for the medium ranked HTB box Bolt


This box was a real enumeration-challenge, most of my time on this was spent on examining webserver content, mysql-database and interesting files on the box OS. Vulnerabilities on this box is Server Side Template Injection, and a weak password on a encrypted PGP message. Tools used for this box was nmap, dirb, searchsploit, nikto, python3, burpsuite, ffuf, hashcat, gpg2john and john. The environment I used was a kali-VM (in Parallels Desktop 17) on my MACOS-machine.…
Read more ⟶

Writeup for the easy ranked HTB box Horizontall


This writeup describes how I approached the box Horizontall from Hack The Box (https://www.hackthebox.eu). The box is based on Linux and it is rated easy. This box includes vulnerabilities that is known and documented (CVE-2019-18818, CVE-2019-19609 , CVE-2021-3129) Tools and techniques used in this hack are Nmap, Dirb, Ffuf, Firefox, Burpsuite, Curl, Python, JSon and JWT. My style of writeups is to describe how I was thinking when attacking them. My personal opinion is that I learn from analysing my process over and over again, and you learn more from understanding the process than just following a guide.…
Read more ⟶

Writeup for the medium ranked HTB box Forge


“In a successful CSRF attack, the attacker causes the victim user to carry out an action unintentionally. For example, this might be to change the email address on their account, to change their password, or to make a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account. If the compromised user has a privileged role within the application, then the attacker might be able to take full control of all the application’s data and functionality.…
Read more ⟶