Hack The Box – Percetron
Full Web Exploitation Writeup (SSRF → HAProxy Bypass → MongoDB Wire Protocol → Neo4j Cypher Injection → Command Injection → RCE)
Full Web Exploitation Writeup (SSRF → HAProxy Bypass → MongoDB Wire Protocol → Neo4j Cypher Injection → Command Injection → RCE)
Stored XSS exploitation via polyglot WAV file upload, strict CSP bypass using script-src self, Puppeteer admin bot abuse, and flag exfiltration through agent-controlled fields.
CSP evaluator SSRF via localhost blacklist bypass, then time-based regex (ReDoS) exfiltration against a secret validation endpoint to recover the flag.
Abusing NaN behavior in Python JSON handling to bypass score validation and instantly claim the flag.
Web Exploitation Writeup (SSRF + SQLi bypass to leak internal admin secrets)
glibc 2.23 heap exploitation with an off-by-one overflow, unsorted-bin leaks, fastbin manipulation, stack chunk placement, and __free_hook → system.