https://www.policytopackets.com/categories/hackthebox/ Recent content in HackTheBox on Policy to Packets Hugo -- gohugo.io en reedveggleston@gmail.com (Reed Eggleston) reedveggleston@gmail.com (Reed Eggleston) © 2026 Reed Eggleston Mon, 09 Mar 2026 18:29:00 +0000 https://www.policytopackets.com/writeups/hackthebox/machines/expressway/ Mon, 09 Mar 2026 18:29:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/hackthebox/machines/expressway/ Easy Linux Box. Exploiting IKE Aggressive Mode to capture and crack a VPN PSK hash, then abusing a sudo CVE for root. https://www.policytopackets.com/writeups/hackthebox/challenges/onlyhacks/ Sat, 14 Feb 2026 18:22:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/hackthebox/challenges/onlyhacks/ Demonstrating cross-site scripting (XSS) exploitation, session cookie theft, and practical web application enumeration in a Very Easy web challenge. https://www.policytopackets.com/writeups/hackthebox/challenges/slippy/ Thu, 12 Feb 2026 21:20:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/hackthebox/challenges/slippy/ Demonstrating Zip Slip exploitation, Jinja2 SSTI abuse, and Flask-based web application compromise within a Docker environment.