Tag: ai-security
All the articles with the tag "ai-security".
-
HTB Responder — LFI to NTLM Hash Capture
HackTheBox Responder exploits an LFI vulnerability to force the Windows server to authenticate to a rogue SMB server, capturing and cracking the administrator's NetNTLMv2 hash. The same pattern — user-controlled input redirecting an authenticated outbound connection — shows up in LLM agents leaking API tokens via prompt injection.
-
HTB Crocodile — The Credential Chain
HackTheBox Crocodile chains anonymous FTP credential disclosure into a hidden web admin login. The same structural failure shows up in agentic systems when leaked API keys legitimately authenticate into production tool-use endpoints.
-
HTB Sequel — Blank Root on MariaDB
HackTheBox Sequel exploits a MariaDB instance bound to the public interface with a blank-password root account. It is the same structural failure as agentic systems wired with admin-level API tokens that any caller can trigger.
-
HTB Appointment — SQL Injection Skips the Lock
HackTheBox Appointment exploits a login form that concatenates user input directly into a SQL query. One comment character silences the password check entirely — the same structural failure that makes LLM agents vulnerable to prompt injection.
-
HTB Preignition — Finding the Door They Forgot
HackTheBox Preignition combines directory enumeration with default credentials to compromise an nginx web server. The same attack pattern — find the management interface, try the default key — is how AI agent tool endpoints get compromised in practice.
-
HTB Dancing — When the File Share Has No Lock
HackTheBox Dancing exploits unauthenticated SMB share access on a Windows host. The failure — a storage layer with no credential gate — is structurally identical to the unprotected vector databases and RAG retrieval endpoints showing up in production AI deployments.
-
HTB Redeemer — Reading an Agent's Memory
HackTheBox Redeemer exploits unauthenticated Redis to enumerate and extract stored keys. In agentic AI systems, an open Redis instance doesn't just leak cached data — it exposes the agent's working memory, and with write access, lets an attacker inject false context the agent will act on.
-
HTB Fawn — The FTP Door Left Open
HackTheBox Fawn exploits anonymous FTP login on vsftpd 3.0.3. The same pattern — a data store designed for openness that was never locked down — maps directly to unauthenticated vector databases in production AI deployments.