OSS has taken part in various competitions and is very active in online CTFs and HTB challenges. Although many think it is just hacking, that is not the case. In most of these events, the hacking is around 40% to 50% of the work, while the rest of it is writing reports. Here are a few examples of previous reports that we have done in the past.

htb logo_edited.png

Table of Contents

  • HTB Write Up

    • HTB Linux machine Difficulty: Easy

    • Initial Foothold - SQL Injection.

    • Privilege Escalation - Hijack Command Execution by Path Interception

  • HTB Jarvis

    • HTB Linux machine Difficulty: Medium

    • Initial Foothold - SQL Injection through GET parameter.

    • Privilege Escalation - Exploiting SUID systemctl

  • HTB Networked

    • HTB Linux machine Difficulty: Easy

    • Initial Foothold - File upload bypass vulnerability.

    • Privilege Escalation - Unsanitized user input injection

  • HTB Swag Shop

    • HTB Linux machine Difficulty: Easy

    • Initial Foothold - RCE via an outdated version of Magento

    • Privilege Escalation - Manipulating a misconfiguration in /etc/sudoers

  • HTB Laboratory

    • HTB Windows machine Difficulty: Easy

    • Initial Foothold - Client-Side Attacks

    • Privilege Escalation -SUID

  • HTB Doctor

    • HTB Linux machine Difficulty: Easy

    • Initial Foothold - Server-Side Template Injection

    • Privilege Escalation - Command Injection

  • HTB Academy

    • HTB Linux machine Difficulty: Easy

    • Initial Foothold - RoleID

    • Privilege Escalation - Privesc mrb3n → Root

  • Student Projects