[HTB] JSON — Write-up (OSWE-Prep)

8 min readApr 13, 2021

--

Json was a medium difficulty Windows box. Good learning path for:

JSON-based deserialization (Bearer: header)
JuicyPotato Exploit (SeImpersonatePrivilege)

Initial Recon

Nmap

# nmap -Pn --open -sC -sV -p- -T4 10.10.10.158PORT     STATE  SERVICE      VERSION
21/tcp…

bigb0ss

Written by bigb0ss

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

Help
Status
About
Careers
Blog
Privacy
Terms
Text to speech
Teams