https://craizy.dev/series/htb-retired/ Recent content in HTB Retired on crAIzy.dev https://craizy.dev/img/htb-default.png https://craizy.dev/ Hugo en Fri, 01 May 2026 15:29:00 +0200 https://craizy.dev/writeups/interpreter/ Fri, 01 May 2026 15:29:00 +0200 crAIzy https://craizy.dev/writeups/interpreter/ Walkthrough of Interpreter — bypassing XStream deserialization hardening in Mirth Connect 4.4.0, then escaping a character-filtered double-eval Python f-string running as root. https://craizy.dev/writeups/wingdata/ Fri, 01 May 2026 14:41:00 +0200 crAIzy https://craizy.dev/writeups/wingdata/ Walkthrough of WingData — Wing FTP Server 7.4.3 unauthenticated RCE via Lua session injection, SHA-256 password hash cracking, then Python tarfile filter bypass (CVE-2025-4517) for root via sudo. https://craizy.dev/writeups/silentium/ Fri, 01 May 2026 12:00:00 +0200 crAIzy https://craizy.dev/writeups/silentium/ Walkthrough of Silentium — Flowise unauthenticated account takeover via CVE-2025-58434, RCE confirmation via JavaScript injection, then Gogs root escalation via CVE-2025-8110 symlink attack after solving an image CAPTCHA with EasyOCR.