0xdf

NeoVault from the HackTheSystem Bug Bounty-themed CTF challenge from @hackthebox_eu abuses an older API to find an IDOR vulnerability. Then I need to find the right ID, either by snooping on requests when sending money or brute forcing Mongo object IDs. youtube.com/watch?v=tbbL4h…

Cypher from @hackthebox_eu showcases cyhper injection to bypass a login prompt, command injection in a Neo4J extension, and building a bbot module. In Beyond Root, I'll skip the Cypher injection, and look at the webserver setup. 0xdf.gitlab.io/2025/07/26/htb…

The second @vulnlab_eu box this week on @hackthebox_eu is Ten. There's a web hosting service where I'll abuse the dynamic FTP and Apache configurations along with etcd and remco to completely take over the target. 0xdf.gitlab.io/2025/07/24/htb…

That's a really nice demonstration video of a very basic Buffer Overflow - ret2win challenge I made for Stacksmash CTF, check @0xdf_ video here -> youtube.com/watch?v=vQW113…

Stack Smash CTF from @hackthebox_eu is this weekend! Teaser challenge dropped today. It's a fun easy binary exploitation challenge with an integer underflow and a buffer overflow to jump to the win function. And awesome old-school terminal art as well. youtube.com/watch?v=vQW113…

This week's first @vulnlab_eu box on @hackthebox_eu, RetroTwo, has PreWindows2000, Microsoft Access, and exploits against Windows 2008 R2. 0xdf.gitlab.io/2025/07/22/htb…

AI + reversing. I use it all quite a lot. Not because I can’t do the work, but because it enables me to work faster when reversing is not my primary job. When the sample fails to run in the sandbox and you need the IOCs during an active engagement. I’ll drop it in a…

This is one of the worst tropes in infosec. It's true until initial access. Then the tables turn 180°

Scepter from @hackthebox_eu is all about certificates and exploiting ESC14. I'll do it twice, from different perspectives, with a secretsdump at the end. 0xdf.gitlab.io/2025/07/19/htb…

We're back at it again today! Join @ippsec, @21y4d, me, and any other staff / moderators that drop by! Noon Eastern / 4pm UTC.

In this week's second @vulnlab_eu release on @hackthebox_eu, Redelegate has some standard steps working up to a user with SeEnableDelegationPrivilege. I'll look at Delegation options and exploit one of them to get full domain control. 0xdf.gitlab.io/2025/07/17/htb…

iReset from @vulnlab_eu went live on @hackthebox_eu today. There's some simple web hacking, and I had never really done Berkeley r commands before. 0xdf.gitlab.io/2025/07/15/htb…

Dog from @hackthebox_eu is all about Backdrop CMS. I'll get an exposed Git repo, leaking configs and a username and password. I'll upload a malicious plugin to get RCE, and abuse the Backdrop management tool, bee, to get root. 0xdf.gitlab.io/2025/07/12/htb…

Another HackTheSystem Bug Bounty-themed CTF challenge from @hackthebox_eu. This one is all about GraphQL. There's IDOR, introspection, batching. I learned a ton doing this one. youtube.com/watch?v=toqTIk…

Most Fridays I have the privilege of sitting on the @hackthebox_eu Cube Talks panel on the HTB Discord. HTB staff take questions from the live audience. It's a good time. Come to the HTB Disord join us. Fridays at 4PM UTC (noon eastern). discord.gg/senmmDM

The HackTheSystem Bug Bounty-themed CTF from @hackthebox_eu took place a little over a week ago. I wanted to showcase some of the challenges. I'll start with JinjaCare, a very easy level Jinja SSTI challenge. youtube.com/watch?v=lWpyKT…

VulnEscape is the 5th @vulnlab_eu box to release on @hackthebox_eu. It's different than most HTB releases - I start with RDP access to a Kiosk, and have to escape and bypass UAC. Oh, and the box is in Korean. Beyond Root, I'll show the Kiosk mode config 0xdf.gitlab.io/2025/07/08/htb…

CVE-2025-32463, the sudo chroot vulnerability in many Linux distros, broke last week. In this video, we'll understand what happens, how it leads to root, and exploit it in a vulnerable Docker container. youtube.com/watch?v=jsiP6T…

I'll start by leaking the source code of the Cat website from an exposed git. Then there's XSS, SQLi, webshells, and an interesting Gitea CVE. 0xdf.gitlab.io/2025/07/05/htb…

This is up on YouTube and the podcast feeds now. Really great listen!