It is easy machine from hackthebox. Which includes little web directory enumeration which leads to password leaks. Then with the help of msfconsole we get initial shell . After some basic enumeration gets password for a ssh user. Followed by privilege escalation by abusing sudo rights in this it was
Introduction It is a openBSD machine which has some directory enumeration and mostly all the steps are based on enumeration.Making the initial foothold may take time but over all a great machine . Steps involved 1-Port Scan 2-Enumerating website 3-Directory enumeration 4-Making of perfect payload 5-Getting reverse shell 6-Getting webapi_user password 7-Getting ssh keys for … Read more
It is a great machine from hackthebox .The OS is Linux it includes little web enumeration which leads to explotitaion of the New management system.Further enumeration gave the creds for the user .then switching amother user with some guess work.And privilege escalation by exploiting usb-creator
Use 384##############5. use to unlock the writeup.
Introduction Column Details Name Sneakymailer IP 10.10.10.197 Points 30 Os Linux Difficulty Medium Creator Sulcud Out On 11 July 2020 Steps involved 1-Port Scan 2-Basic website enumeration 3-Sending Spoofed mail 4-Login into imap using paulbyrd creds and extracting mails 5-Login into ftp using developer creds 6-Uploading a Reverse shell through ftp 7-Subdomain enumeration 8-Getting shell … Read more
