CVE-2019-6447 | “The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.” If you never tried hacking Android-devices before this could be a good first box. The credentials found for the User-flag was very CTF-like but I think the box was OK anyway.…

MacBook Book Pro is and has always been a high quality computer. They tend to last long and I usually keep mine for at least 3 years, but many times as long as 5 to 6 years before it’s necessary to upgrade my everyday workhorse. What happens then, more often than not, is that the old Mac Book Pro becomes a computer dedicated for hacking and pentesting. Everyone has different setups that they like but in this case I like to go with the mainstream and install a bare metal installation of Kali Linux.…

“An early release of PHP, the PHP 8.1.0-dev version was released with a backdoor on March 28th 2021, but the backdoor was quickly discovered and removed. If this version of PHP runs on a server, an attacker can execute arbitrary code by sending the User-Agentt header. The following exploit uses the backdoor to provide a pseudo shell ont the host.” This box is previously retired from Hackthebox active-session and in my opinion is a good “starting-box” if you are new to hacking.…

This writeup describes how I approached the box Attended from Hack The Box (https://www.hackthebox.eu). The box is based on OpenBSD and it is rated insane. This box includes vulnerabilities that is known and documented (CVE-2019–12735) aswell as a lot of custom exploitation. Tools and techniques used in this hack are Nmap, DIRB, curl, Swaks, Python, OpenSSH, GDB, Radare2, Ghidra, Ropper. My style of writeups is to describe how I was thinking when attacking them.…