HackTheBox Admirer writeup
This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file
This machine is currently active on hackthebox wait until it gets retired or if you have owned it then you need to get the Administrator NTLM hash or the root password hash from the file /etc/shadow file
It involves directory fuzzing and then exploiting a python function followed by some crypto.And root was interesting did it in two ways .
Nmap 7.70 Usage: nmap [Scan Type(s)] [Options] {target specification} TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc.Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254-iL : Input from list of hosts/networks-iR : Choose random targets–exclude : Exclude hosts/networks–excludefile : Exclude list from file HOST DISCOVERY: -sL: List Scan – simply list targets to scan-sn: Ping Scan – disable … Read more
Introduction It is a medium machine from the hack the box platform.Which has simple authentication bypass to upload a malicious file and then jumping a user followed by privilege escalation using SUID Steps involved 1-Port Scan2-Visiting website3-Authentication bypass4-Encoding php inside image5-Uploading malicious file and bypassing security check6-Uploading php reverse shell7-Getting full shell8-Getting db user creds9-Jumping … Read more