This is a CTF hosted for Nahamcon. Web Star Wars - Medium We have a webpage with a blog post with a star wars theme. We can click the only blog post this blog has. We can post a comment that a...

Knock knock! Race condition. Who’s there? In the home directories of Walk, Run and Sprint you will find a vulnerable SUID binary, the C source code and a flag. Your task is to exploit the b...

In this challenge you will explore some less common SQL Injection techniques. We have this new to-do list application, where we order our tasking based on priority! Is it really all that se...

This machine doesn’t have a website to access. In the enumeration phase, we find a unknown open port. Once we find out what this port is associated with we can move further getting a foothold and e...

SecureSolaCoders has once again developed a web application. They were tired of hackers enumerating and exploiting their previous login form. They thought a Web Application Firewall (WAF) was to...

This machine starts off with a login page for cacti. Cacti is a performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). It stores all of the necessa...

This machine starts off with a homepage for a consultancy firm. This website looks like a one-pager with mostly static content. There is a contact form that might be interesting later on. Reconn...

You and your buddy corrected the math in your physics teacher’s paper on the decay of highly excited massive string states in the footnote of a renowned publication. He’s just failed your thesis...

We created created an AI a couple years ago, but recently became self aware and now is trying to erase humanity, could you stop it? This is a medium challenge on HackTheBox and contains a webs...

Opacity is an easy machine that can help you in the penetration testing learning process. There are 2 hash keys located on the machine (user - local.txt and root - proof.txt). Can you find ...