OSCP Prep

Hack The Box - Jerry - Default credentials and Apache Tomcat

---

Hack The Box - Querier - Fun with MSSQL and Responder

---

Hack The Box - Shocker - Playing with Shellshock

---

Hack The Box - Blue - Exploiting Eternal Blue

---

Hack The Box - Lame - Exploiting Samba on Linux

---

Hack The Box - Devel - FTP abuse to kernel exploit

---

Hack The Box - Irked - Exploiting IRC via Nmap

---

Hack The Box - Bashed - Custom webshell and bash terminal

---

Hack The Box - TarTar Sauce - WordPress RFI and fun with tar

---

Hack The Box - Active - Active Directory Kerboroasting

---

Hack The Box - Cronos - DNS ZT, SQLi, and playing with cron

---

Hack The Box - Grandpa - Exploiting IIS WebDAV and MS14-058 (with MSF)

---

Hack The Box - Granny - Exploiting IIS WebDAV and Token Kidnapping (no MSF)

---

Hack The Box - SwagShop - Exploiting Magento and vi

---

Hack The Box - Jeeves - Jenkins Groovy script, KeePass DB cracking, and Alternate Data Streams

---

Hack The Box - Sense - Gobuster enumeration and command injection on pfSense

---

Hack The Box - Jarvis - SQLi and abusing systemctl

---

Hack The Box - Bounty - Running ASPX code in web.config, and JuicyPotato

---

Hack The Box - Nibbles - Arbitrary file upload on NibbleBlog

---

Hack The Box - Optimum - Exploiting HFS, and MS16-135 via PowerShell

---

Hack The Box - Chatterbox - Customizing shellcode, and password reuse in Powershell

---

Hack The Box - Poison - LFI, SSH port forwarding, and VNC

---

Hack The Box - Bastard - Drupal RCE, and JuicyPotato

---

Hack The Box - Arctic - LFI on ColdFusion, malicious JSP payload, and JuicyPotato

---

Hack The Box - Hawk - Decrypting an OpenSSL file, Drupal PHP, and exploiting an H2 database

---