CrewCTF 2024 writeups

Deadsec 2024 writeups

Imaginary 2024 writeups

Easy HTB machine where a website is used to reduce the size of images. Then an Image Magick exploit is used for file read vulnerability. Though that the SQLite3 database can be enumerated.

IMF is a boot2root mcahine that contains many flags. After each flag, the difficulty is increased. This machine starts with web and ends with a buffer overflow.

Keeper is an easy HTB machine which mimicks a helpdesk. I get inital access with default credentials. With that I find a comment which reveals a password that I use to login to SSH. I then use an exploit on the KeePass dump file, which gives the root putty SSH key.