<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hack the Box on Ethical Hacking | Pentest e Sicurezza Informatica | Hackita</title><link>https://hackita.it/tags/hack-the-box/</link><description>Recent content in Hack the Box on Ethical Hacking | Pentest e Sicurezza Informatica | Hackita</description><generator>Hugo</generator><language>it</language><lastBuildDate>Thu, 16 Jul 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://hackita.it/tags/hack-the-box/index.xml" rel="self" type="application/rss+xml"/><item><title>HTB Giddy Walkthrough: SQL Injection e CVE-2016-6914</title><link>https://hackita.it/articoli/htb-giddy-walkthrough/</link><pubDate>Thu, 16 Jul 2026 00:00:00 +0000</pubDate><guid>https://hackita.it/articoli/htb-giddy-walkthrough/</guid><description>&lt;h1
 id="hack-the-box-giddy-walkthrough-privilege-escalation-via-unifi-video-service-cve-2016-6914" class="group/anchor-heading"&gt;
 Hack The Box Giddy Walkthrough: Privilege Escalation via UniFi Video Service (CVE-2016-6914)
 &lt;a href="#hack-the-box-giddy-walkthrough-privilege-escalation-via-unifi-video-service-cve-2016-6914" class="text-inherit opacity-0 group-hover/anchor-heading:opacity-100 decoration-transparent"&gt;#&lt;/a&gt;
&lt;/h1&gt;&lt;p&gt;&lt;strong&gt;Macchina:&lt;/strong&gt; Giddy (Hack The Box)
&lt;strong&gt;Difficoltà:&lt;/strong&gt; Medium
&lt;strong&gt;OS:&lt;/strong&gt; Windows
&lt;strong&gt;Tecnica chiave:&lt;/strong&gt; SQL Injection → cattura NTLMv2 → WinRM → PATH Hijacking (CVE-2016-6914)&lt;/p&gt;
&lt;hr&gt;
&lt;h2
 id="in-breve" class="group/anchor-heading"&gt;
 In breve
 &lt;a href="#in-breve" class="text-inherit opacity-0 group-hover/anchor-heading:opacity-100 decoration-transparent"&gt;#&lt;/a&gt;
&lt;/h2&gt;&lt;p&gt;Su Giddy si ottiene l&amp;rsquo;accesso iniziale sfruttando una SQL Injection nell&amp;rsquo;applicazione web per forzare il database MSSQL a connettersi via SMB verso la macchina attaccante, catturando così l&amp;rsquo;hash NTLMv2 di un utente valido. Una volta craccato l&amp;rsquo;hash e ottenuto l&amp;rsquo;accesso via WinRM, la privilege escalation a SYSTEM sfrutta &lt;strong&gt;CVE-2016-6914&lt;/strong&gt;, una vulnerabilità nel servizio Ubiquiti UniFi Video che permette di eseguire un binario arbitrario chiamato &lt;code&gt;taskkill.exe&lt;/code&gt; piazzato nella cartella di installazione del servizio, scrivibile dagli utenti a basso privilegio.&lt;/p&gt;</description></item></channel></rss>