· 22 min hard Windows Interpreter
HTB: Interpreter
Pre-authentication Java deserialisation in Mirth Connect, PBKDF2 hash cracking of a dictionary password, and a Python f-string template injection in a root-owned Flask service for privilege escalation.
#htb
#windows
#custom-interpreter
#reverse-engineering +1
· 22 min hard Windows CCTV
HTB: CCTV
Default credentials on ZoneMinder, a time-based blind SQL injection to extract bcrypt hashes, SSH password reuse, and a motionEye command injection running as root through a surveillance daemon's notification configuration.
#htb
#windows
#web
#reverse-engineering +1