0xBEN
/
Sign up to 0xBEN!
Already have an account? Sign in

HackTheBox | Bizness

In this walkthrough, I demonstrate how I obtained complete ownership of Bizness on HackTheBox
0xBEN
10 min read
HackTheBox | Bizness
🛑
This box is still active on HackTheBox. Once retired, this article will be published for public access as per HackTheBox's policy on publishing content from their platform.

Clicking the Subscribe button below WILL NOT get you access to this article (although I would be grateful for your subscription otherwise).

Initial Foothold Hint:

  • Did you enumerate the directories and files on the web server?
  • Can you find any CVEs for the installed product?

Privilege Escalation Hint:

  • The vulnerable service is Dockerized, can you find any interesting Docker files?
  • There's a hash in the file, but this is just a placeholder value
  • Does Docker leave any log files where that hash might be written?
  • How is the hash value calculated?
  • What kind of hash is it and how do you crack it?

Read the full story

Sign up now to read the full story and get access to all posts for Pending Publication tier only.

Subscribe
Already have an account? Sign in
0xBEN
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to 0xBEN.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.