This is a writeup for all the challenges that I solved in the PatriotCTF 2023. Unsupported Format — Forensics Challenge Description My friend sent me a picture of his brand new computer, but something strange happened to it and now it says “Unsupported Format” when I try to open it. Can you try to help me…

Sau is an Easy machine on Hack The Box. The machine focuses on exploiting multiple vulnerabilities in order to gain access to the machine. The privilege escalation is pretty much straight forward compared to gaining the initial access on the machine. Enumeration The first thing that we should do is check…

Keeper is an Easy machine which focuses on exploiting vulnerabilities in the KeePass password manager. The initial foothold method is also very interesting. So, let’s begin! Enumeration The first thing to do after getting the IP address would be run an nmap scan to see what ports are open on the…

PC is an easy machine on HackTheBox but I found the exploitation of this machine very different from that of other usual easy machines. Regardless, the goal is to gain root. So, let’s begin! Enumeration The first task like always is to run an nmap scan against the machine to find…

Curling is an easy level machine on HackTheBox. This machine is really interesting, especially the final privilege escalation part. This machine focuses heavily on enumeration but the actual exploitation and privilege escalation is pretty simple. Enumeration As usual, the first thing to do is just run a nmap scan against the…

Heist is an Easy level machine. This machine focuses on a lot of enumeration and brute-forcing along with some memory analysis. So, let’s begin! Enumeration The first thing that we can do is run an nmap scan against the target machine to see which ports are open and then we can…

Optimum is a Windows machine and though it is marked as easy, I think it stands somewhere between easy and medium. …

Nibbles is an easy machine which focuses a bit on enumeration and a slightly different method for privilege escalation. So, let’s begin! Enumeration The first to be done would be to determine the ports that are open on the machine. ┌──(kali㉿kali)-[~/Desktop/htb/nibbles] └─$ sudo nmap -p- -sS -T4 -oG open_ports 10.10.10.75…

Devel is a Windows based challenge and it pretty easy. It focuses on specific privilege escalation vulnerability in a specific version of Windows 7. So, let’s get started. Enumeration To determine all the services that are running on this machine we can start an nmap scan against it. ┌──(kali㉿kali)-[~/Desktop/htb/devel] └─$ sudo nmap…