Hey, I’m Jashid

I’m a security researcher and malware developer diving deep into offensive security, malware development, and Windows internals.

My First CVE: DLL Hijacking in CactusViewer v2.3.0

How I discovered a DLL hijacking vulnerability in CactusViewer v2.3.0, built a proof of concept, and submitted it for a CVE ID.

February 27, 2026 · 5 min

HackTheBox: Bashed - Web Shell Discovery & Cron Privilege Escalation

Introduction
Bashed is a Linux machine on HackTheBox that demonstrates the dangers of leaving development tools exposed on production servers. We’ll discover an exposed web shell, then escalate privileges through sudo misconfigurations and a root cron job.
Difficulty: Easy
OS: Linux
Skills: Web enumeration, sudo abuse, cron job exploitation
Reconnaissance
Nmap Scan
nmap -sC -sV -oN nmap/bashed 10.129.2.11
Results:
Port  Service  Version
80    HTTP     Apache 2.4.18 (Ubuntu)
Only one port open - this is a web-focused box. The page title mentions “Arrexel’s Development Site”. ...

February 21, 2026 · 3 min

HackTheBox: Devel - FTP Upload to IIS & Kernel Exploit Privesc

Introduction
Devel is a Windows machine on HackTheBox that demonstrates a classic attack chain: anonymous FTP access to a web server’s root directory, allowing us to upload a malicious web shell. We then exploit an unpatched Windows 7 system using a kernel vulnerability to gain SYSTEM privileges.
Difficulty: Easy
OS: Windows
Skills: FTP enumeration, web shell upload, Windows kernel exploitation
Reconnaissance
Nmap Scan
nmap -sC -sV -oN nmap/devel 10.129.2.19
Port  Service  Version
21    FTP      Microsoft ftpd
80    HTTP     Microsoft IIS 7.5
Key finding from Nmap: ...

February 21, 2026 · 4 min

HackTheBox: Forest - AS-REP Roasting & DCSync Attack

Introduction
Forest is a Windows Active Directory Domain Controller on HackTheBox. This box demonstrates common AD misconfigurations and attack paths including AS-REP Roasting, privileged group abuse, and DCSync attacks.
Difficulty: Easy
OS: Windows
Skills: AD Enumeration, AS-REP Roasting, Privilege Escalation, DCSync
Reconnaissance
Nmap Scan
nmap -sC -sV -Pn 10.129.1.248
Key findings:
Port      Service   Significance
53        DNS       Domain Controller
88        Kerberos  AD Authentication
135       RPC       Windows RPC
389/3268  LDAP      AD Directory
445       SMB       File sharing
5985      WinRM     Remote management
Domain: htb.local
Computer: FOREST.htb.local ...

February 21, 2026 · 3 min

HackTheBox: Optimum - HFS RCE & Kernel Exploit Privesc

Introduction
Optimum is a Windows machine on HackTheBox that features a vulnerable HttpFileServer application and privilege escalation through kernel exploitation. This box teaches the importance of checking software versions and using enumeration tools to find the right kernel exploit.
Difficulty: Easy
OS: Windows
Skills: Version-based exploitation, kernel exploit enumeration, Windows privilege escalation
Reconnaissance
Nmap Scan
nmap -sC -sV -oN nmap/optimum 10.129.2.30
Port  Service  Version
80    HTTP     HttpFileServer 2.3
Only one port open running HFS 2.3 (HttpFileServer). When we see specific software with version numbers, we immediately check for known exploits. ...

February 21, 2026 · 4 min

HackTheBox: Shocker - Shellshock Exploitation & Perl Sudo Privesc

Introduction
Shocker is a Linux machine on HackTheBox that teaches the infamous Shellshock vulnerability (CVE-2014-6271). The box name itself is a hint at the attack vector. We’ll exploit a vulnerable CGI script to gain initial access, then abuse sudo permissions on Perl to escalate to root.
Difficulty: Easy
OS: Linux
Skills: CGI enumeration, Shellshock exploitation, sudo abuse
Reconnaissance
Nmap Scan
nmap -sC -sV -oN nmap/shocker 10.129.2.16
Port  Service  Version
80    HTTP     Apache 2.4.18 (Ubuntu)
2222  SSH      OpenSSH 7.2p2
Two ports open. SSH on a non-standard port (2222 instead of 22) and Apache web server. ...

February 21, 2026 · 4 min

HackTheBox: Blue - EternalBlue (MS17-010) Exploitation

Introduction
Blue is a Windows machine on HackTheBox that’s vulnerable to EternalBlue (MS17-010), the same exploit used in the devastating WannaCry ransomware attack in 2017. This box is a great introduction to exploiting SMB vulnerabilities and understanding why patching is critical.
Difficulty: Easy
OS: Windows
Skills: SMB enumeration, EternalBlue exploitation
Reconnaissance
Nmap Scan
Started with a standard nmap scan to identify open ports and services:
nmap -sC -sV -Pn 10.129.4.126
Key findings: ...

February 20, 2026 · 3 min

Building a PE Parser in C

Introduction
A PE (Portable Executable) file is the format Windows uses for executables (.exe), DLLs (.dll), and other binary files. If you want to understand how Windows works under the hood, whether for malware analysis, reverse engineering, or offensive security, understanding PE structure is essential. In this post, I’ll walk through building a PE parser from scratch in C, explaining each component along the way.
What is a PE File?
Every time you run a program on Windows, the OS loader reads the PE file and maps it into memory. The PE format tells Windows: ...

February 18, 2026 · 6 min