Hack The Box Write‑ups

Welcome to my comprehensive collection of Hack The Box (HTB) machine write-ups. Each writeup documents a complete attack chain from initial enumeration to privilege escalation, with detailed explanations of why every step works.

What Makes These Different

These writeups focus on manual exploitation techniques and understanding the underlying vulnerabilities rather than just running automated tools. Each step includes the reasoning behind the approach and alternative methods when applicable.


How to Navigate

  1. Browse machines by difficulty in the sidebar
  2. Use the search function (top-right) for specific tools, CVEs, or techniques
  3. Check the Resources section for methodology and tool references

Each writeup follows this consistent format:

  • Synopsis — Key facts, difficulty, and learning objectives
  • Enumeration — Port scanning, service discovery, and reconnaissance
  • Foothold — Initial access method and vulnerability exploitation
  • Privilege Escalation — Path to administrative access
  • Lessons Learned — Key takeaways, references, and remediation

  • Filter by difficulty using the navigation tabs
  • Copy commands directly from code blocks (hover for copy button)
  • Follow attack paths with visual flow diagrams where applicable

Current Write‑ups

| Difficulty | Machine | Attack Path | Key Techniques |
|------------|---------|-------------|----------------|
| Easy | Sau | SSRF → Maltrail RCE → sudo privesc | CVE-2023-27163, Command injection, systemctl pager escape |

Coming Soon: More machines across all difficulty levels with focus on modern vulnerabilities and attack techniques.

Methodology Overview

  1. Reconnaissance & Enumeration: Comprehensive nmap scanning, service enumeration, and technology fingerprinting
  2. Vulnerability Analysis: Manual testing, CVE research, and exploit development/modification
  3. Exploitation & Access: Gaining initial foothold through identified vulnerabilities
  4. Post-Exploitation: System enumeration, credential harvesting, and privilege escalation
  5. Documentation & Remediation: Comprehensive writeup with screenshots, code, and security recommendations

About

These writeups are created for educational purposes to help security professionals understand attack methodologies and improve defensive strategies. All activities are performed in controlled lab environments.

Ethical Use

The techniques documented here should only be used in authorized testing environments or your own lab setups. Always obtain proper permission before testing any systems.


Maintained by Mohamed Trigui • Last updated: January 2024