Interpreter
Box info | OS: Linux (Debian 12) | Difficulty: Medium | Status: Retired Skills: Java XStream deserialization analysis, source code review, Python f-string double-eval injection, SUID bash escalation, base64 filter ……
Linux
WingData
Box info | OS: Linux (Debian 12) | Difficulty: Easy | Status: Retired Skills: Wing FTP Server Lua session injection, SHA-256 salt hash cracking, Python tarfile symlink/hardlink path traversal, VPN MTU troubleshooting ……
Silentium
Box info | OS: Linux (Ubuntu 24.04, kernel 6.8.0-107-generic) | Difficulty: Easy | Status: Retired Skills: Flowise API authentication bypass, JavaScript IIFE injection, OCR CAPTCHA solving, Gogs symlink privilege ……
HTB STARTING POINT · Tier 2
Oopsie
IDOR in a cookie flips guest to super-admin, a SUID binary with system() calls cat via $PATH — two rookie mistakes that cascade to root.…
HTB STARTING POINT · Tier 1
Ignition
Virtual host discovery finds the Magento admin panel on a non-default hostname; qwerty123 completes the chain — two recon steps, one flag.…
HTB STARTING POINT · Tier 1
Funnel
Anonymous FTP leaks credentials; SSH login reveals a PostgreSQL container reachable via local port forwarding — the flag is a database row.…
HTB STARTING POINT · Tier 1
Kobold
SVG with embedded JavaScript uploads to a ticketing system. When the admin previews the attachment, XSS fires in their browser and exfiltrates session cookie. Cookie replay gives admin access and SSH credentials.…
HTB STARTING POINT · Tier 1
Crocodile
Anonymous FTP drops a credentials file; those credentials unlock an HTTP admin panel — two individually boring findings combine into a full chain.…
HTB STARTING POINT · Tier 1
Sequel
MariaDB root with no password on port 3306 — from initial banner grab to database enumeration to flag extraction, no exploit required.…