// SYSTEM_INFO — READ BEFORE PROCEEDING
Welcome to m4rthacks — a personal archive of CTF writeups, hacking notes, tools, and tips & tricks.
You'll find detailed walkthroughs of Capture The Flag challenges across categories like web exploitation, binary exploitation, cryptography, reverse engineering, forensics, and OSINT. Each writeup breaks down the thought process, the tools used, and the steps taken to get the flag.
Feel free to explore, learn, and hack responsibly.
WRITEUPS: 87
Hack The Box - Freelancer (Windows)
Web logic flaw leads to admin access, MSSQL xp_cmdshell gives shell, memory dump forensics leaks credentials, and RBCD path from lorra199 yields domain admin hash and final Administrator access.
Hack The Box - Boardlight (Linux)
VHost discovery leads to Dolibarr compromise via CVE-2023-30253 and root escalation through vulnerable Enlightenment SUID binaries.
Hack The Box - SolarLab (Windows)
Anonymous SMB document leak exposes credentials, ReportLab PDF injection gives code execution, then credential pivoting through app/Openfire data leads to Administrator shell.