# Hack The Box

- [Linux Machines](/notes/writeups/hack-the-box/linux-machines.md)
- [Easy](/notes/writeups/hack-the-box/linux-machines/easy-linux.md)
- [Traceback](/notes/writeups/hack-the-box/linux-machines/easy-linux/traceback.md)
- [Medium](/notes/writeups/hack-the-box/linux-machines/medium.md)
- [Magic](/notes/writeups/hack-the-box/linux-machines/medium/magic.md): SQL injection, PHP reverse shell upload, mysqldump and PATH injection
- [UpDown](/notes/writeups/hack-the-box/linux-machines/medium/updown.md): LFI to RCE using PHAR files while bypassing disabled\_functions, followed by abuse of SUID and sudo.
- [Hard](/notes/writeups/hack-the-box/linux-machines/hard.md)
- [Intense](/notes/writeups/hack-the-box/linux-machines/hard/intense.md): SQL Injection, Hash Length Extension, LFI and binary exploitation
- [Challenges](/notes/writeups/hack-the-box/challenges.md)
- [Web](/notes/writeups/hack-the-box/challenges/web.md)
- [Looking Glass](/notes/writeups/hack-the-box/challenges/web/looking-glass.md)
- [Sanitize](/notes/writeups/hack-the-box/challenges/web/sanitize.md)
- [Baby Auth](/notes/writeups/hack-the-box/challenges/web/baby-auth.md)
- [Baby Website Rick](/notes/writeups/hack-the-box/challenges/web/baby-website-rick.md)
- [Pwn](/notes/writeups/hack-the-box/challenges/pwn.md)
- [Dream Diary: Chapter 1](/notes/writeups/hack-the-box/challenges/pwn/dream-diary-chapter-1.md)
- [Unlink Exploit](/notes/writeups/hack-the-box/challenges/pwn/dream-diary-chapter-1/unlink-exploit.md)
- [Chunk Overlap](/notes/writeups/hack-the-box/challenges/pwn/dream-diary-chapter-1/chunk-overlap.md)
- [Ropme](/notes/writeups/hack-the-box/challenges/pwn/ropme.md)