Tag: XXE
Bounty Hunter – HackTheBox
Started out with my standard nmap scan. SSH and port 80 are open, so I'll just go check out that web server. Within it there's a directory that looks like it leads to a db search. I captured some test data from this in Burp. So I notice a couple of things. One is that…