all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

HTB: Inject WriteUp

Add to bookmarks
July 24, 2023, 5:56 a.m. | zer0dac

InfoSec Write-ups - Medium infosecwriteups.com

Hi Guys,

I’m gonna explain how to solve inject box on Hackthebox.
First things first, we will start with just a classic Nmap scan.

nmap results

As a result, there is 2 open port just as usual. Let’s start with checking the web application.

web application

A lot of part of the website is just static pages, but the upload page is interesting.

After tons of times trying to file upload vulnerability and failing, I checked the image I uploaded. …

application box ctf-walkthrough ctf-writeup hackthebox hackthebox-walkthrough hackthebox-writeup htb inject nmap open port page pentesting port result scan start the web things upload web web application website writeup

Visit resource

More from infosecwriteups.com / InfoSec Write-ups - Medium

AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekers 2 days, 4 hours ago | infosecwriteups.com
bug bounty cloud cybersecurity india +1
Honeypots 101: A Beginner’s Guide to Honeypots 3 days, 5 hours ago | infosecwriteups.com
art attacker attackers attacks +19
No Dev Team? No Problem: Writing Malware and Anti-Malware With GenAI 3 days, 16 hours ago | infosecwriteups.com
ai anti-malware can companies +29
The Diamond Model: Simple Intelligence-Driven Intrusion Analysis 4 days, 5 hours ago | infosecwriteups.com
analysis continue cyber cybersecurity +18
Analysis of Competing Hypotheses: How to Find Plausible Answers 4 days, 5 hours ago | infosecwriteups.com
analysis continue cybersecurity discover +10
Devvortex Hackthebox Walkthrough 4 days, 5 hours ago | infosecwriteups.com
cybersecurity htb htb-walkthrough htb-writeup +1
Port Scanning for Bug Bounties 4 days, 5 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity infosec +1
How I Accidentally Discovered an Insecure Direct Object Reference (IDOR) Vulnerability on Coursera 4 days, 5 hours ago | infosecwriteups.com
article certificate coursera cybersecurity +15
TryHackMe - Mr. Robot CTF 4 days, 5 hours ago | infosecwriteups.com
ctf linux security tryhackme

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs