https://iamleandrooooo.github.io/tags/hack-the-box/ Recent content in Hack-the-Box on Leandro's Code Cave Hugo en-us Thu, 21 May 2026 00:00:00 +0000 https://iamleandrooooo.github.io/posts/fireflow_fullpwn/ Thu, 21 May 2026 00:00:00 +0000 https://iamleandrooooo.github.io/posts/fireflow_fullpwn/ Challenge Description Difficulty: 🟡 Medium Since Full Pwn challenges don’t have a description like other challenges, here’s a recipe for a great Cozido à Portuguesa: Ingredients 500 g beef 1/2 chicken Pork ribs and pork ear 1 chouriço 1 morcela 1 farinheira Potatoes Carrots Cabbage Rice Salt and pepper Instructions Add the beef, chicken, and pork to a large pot with water, salt, and pepper. Boil and simmer for about 1. https://iamleandrooooo.github.io/posts/dudsat_reverse/ Wed, 20 May 2026 00:00:00 +0000 https://iamleandrooooo.github.io/posts/dudsat_reverse/ Challenge Description Category: Reverse Engineering Difficulty: 🟡 Medium Networks trust its timing. So does a clearing system that moves money across four countries. Six weeks ago someone quietly bought ORBIT-9. Last week the clearing system froze for eleven hours. Yesterday a regional airport logged position drift during a HELIOS-7 pass. Not accidents. Tests. A burned asset codenamed FERRYMAN pulled one file off an ORBIT-9 maintenance laptop before going dark. A binary, lbproc, described internally as a link budget validation tool. https://iamleandrooooo.github.io/posts/sysprobe_reverse/ Wed, 20 May 2026 00:00:00 +0000 https://iamleandrooooo.github.io/posts/sysprobe_reverse/ Challenge Category: Reverse Engineering Difficulty: 🔴 Hard Task Force Nightfall has intercepted a binary pulled from a compromised monitoring node inside a critical infrastructure operator. On the surface it is exactly what it claims to be - a routine diagnostics utility, the kind deployed silently across thousands of managed endpoints. Clean signature, legitimate-looking output, nothing that trips an alert. But the node it was found on had no business running it.