Lab Portfolio
A collection of my Hack The Box writeups with brief summaries and links to full reports.


Lab: Make Sense
Completed the linux machine by utilizing: WordPress enumeration, stored XSS, browser automation abuse, Chrome DevTools Protocol exploitation, and OCR-to-PHP root code execution in a full end-to-end Linux compromise.


Lab: Paperwork
Compromised the “Paperwork” machine by exploiting a vulnerable legacy print service, pivoting through an internal printer-management interface, and chaining multiple misconfigurations to achieve full system access.
Lab Summaries
Vaccine Lab Summary
Completed the Hack The Box Vaccine machine in an authorized lab environment and documented the full attack chain from initial reconnaissance through root access.
The assessment began with service enumeration that identified anonymous FTP access and an exposed password-protected application backup. I extracted the archive hash with zip2john, recovered the password using John the Ripper, and reviewed the exposed PHP source code. The source revealed hardcoded authentication data and an MD5 password hash, which I cracked with Hashcat to access the administrative dashboard.
After authenticating, I identified a vulnerable search parameter and used Burp Suite and SQLMap to confirm PostgreSQL SQL injection. The database privileges allowed operating-system command execution, resulting in a reverse shell as the postgres user.
Post-exploitation enumeration revealed hardcoded database credentials that were reused for SSH access. I then identified an unsafe sudo permission allowing vi to run as root and used its shell functionality to obtain root access.
Skills Demonstrated
Network and service enumeration
Anonymous FTP assessment
Password-hash extraction and cracking
PHP source-code review
Web authentication analysis
Burp Suite request inspection
PostgreSQL SQL injection testing
Linux reverse-shell access
Credential-reuse analysis
SSH access and post-exploitation enumeration
Linux sudo privilege escalation
Vulnerability remediation and technical documentation
Tools Used
Nmap, FTP, zip2john, John the Ripper, Hashcat, Burp Suite, SQLMap, Netcat, SSH, and Linux command-line utilities.

