https://arbaazjamadar.com/tags/facts/Recent content in Facts on Arbaaz breaks stuff | Incident Response, Threat Modeling, offensive security, CTF writeups, Security Projects, Certifications, Log analysis, SIEM Hugo -- gohugo.io enreachout@arbaazjamadar.com (Arbaaz Jamadar) reachout@arbaazjamadar.com (Arbaaz Jamadar)©2025 arbaazjamadar.comSun, 01 Feb 2026 00:00:00 +0000 https://arbaazjamadar.com/htb/hackthebox-facts/ Sun, 01 Feb 2026 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/htb/hackthebox-facts/ Improperly Controlled Modification of Dynamically-Determined Object Attributes allows privilege escalation to admin user leading to exfiltrating SSH keys from S3 Bucket and getting become the Root user by privilege escalation via misconfigured SUIDCTFCTF WriteupCloud SecurityMisconfigurationssecurity writeupHTBfactslinuxcameleon cmsMass AssignmentS3 Data LeakMisconfigured SUIDCommand InjectionLateral PivotingHTBHackTheBoxHackTheBox: factsHTB: factsInformation GatheringInitial EnumerationreversingPrivilege EscalationCTF WriteupsCloud SecurityNetwork SecurityWeb SecurityBrowsed SecurityAPI Security