Blue (Easy) Box Blue is an easy machine on HTB. It covers the MS17_010 exploit, also known as the EternalBlue exploit. Initial Foothold & Escalation According to the description, this machine is vulnerable to the EternalBlue exploit. We need to make sure that at least the SMB port 445 is open. …

Crafty (Easy) Box Overall a very fun box. Crafty is a retired box that explores a Log4j vulnerability present in a 1.16.16 Minecraft Server. Initial Foothold Reading the description, the box has a pre-auth Log4j vulnerability. But before going into that, we should scan the ports. sudo nmap …

Sneaky (Medium) Box Sneaky is a retired box focusing on IPv6 connections and buffer overflow vulnerabilities. Initial Foothold Enumerating through the box, we see there is an HTTP server available. Let’s fuzz this and see if we can find anything. After fuzzing, we see that there is a /dev page …