Introduction Hello everyone, I trust you’re all doing great. Over the past weekend, my friend n3hal_ and I stumbled upon an intriguing XSS vulnerability while participating in a bug bounty prog...

TL;DR This writeup is based on Devel which is an easy-rated machine on HackTheBox. It starts with FTP and HTTP. I will use FTP anonymous login to upload a webshell to get shell on the machine. L...

TL;DR This writeup is based on Legacy on Hack the box. It was a windows box. It starts with Samba. In this machine, Samba has two bugs, which are SMB vulnerability(Eternal Blue or MS17-010) and ...

TL:DR This writeup is based on Lame on Hack the box. It was a Linux box. It starts with two major services, vsftpd, and Samba. We tried FTP logon but didn’t get anything interesting. Then try to...