Blogs

HTB Season 10: WingData

February 14, 2026 · 1 min read

A Linux Easy machine with an exposed FTP service, some credential work, and a sudo misconfiguration that makes the privesc almost too clean.

HTB: Conversor

February 13, 2026 · 4 min read

A Linux Medium built around a file conversion web app. XSLT injection lets you write files to a cron-watched directory, and a vulnerable needrestart version gets you to root.

HTB Season 10: Pterodactyl

February 7, 2026 · 1 min read

A Linux Medium built around a game server management panel. Exploitation leads through database access all the way to root, with a couple of interesting hops in between.