Patents write-up by limbernie

How can this be rated Hard? From XXE injection in DOCX to binary exploitation and a minor detour to the root flag, this could have been easily rated Insane.

Write-ups of retired machines


  • NIce write up - and I totally agree. It was (until it retired, of course) one of the three hardest boxes on HTB.

    I think the binary took me a lifetime to resolve. Your code is much more elegant than mine was!

    I also only ever ended up with a shell that lasted about 3 seconds, so I had to resort to a quick paste of commands to get a second shell before the first one died.

    Like I said, this box was hard.


    Happy to help people but PLEASE explain your problem in as much detail as possible!


  • Nice writeup. And I definitely agree this box was Insane. It was especially crushing to finally get root after 6-7 steps and find that root.txt was missing!

Sign In to comment.