🛡️Types of OS : Android 🌞Released on : 26th June 2021 ☢️Difficulty : Easy 👍Point: 20 💉Running nmap scan: nmap -vv — reason -Pn -A — osscan-guess — version-all -p- $IP -oN Explore.nmap nmap_scan.report 💉Running the nmap scan gives four ports port 2222 — ssh port 59777 — http port 5555 — adbshell {This can be found by looking on google } adb_shell_port ☢️Running FFUF ffuf -u http://explore.htb:59777/FUZZ -w /usr/share/wordlists/dirb/big.txt -t 200 -c ffuf_scan 😃Lets visit the web-page 😜As you can see its showing forbidden. So lets try some other directory. 😃And we get the same results. Lets try to enumerate port 59777 which service uses this port on android. ☺️we get this article from Daily-Swigg which explain the vulnerability in ES File explorer which exposes user data on open port and anyone can read it. 😏Lets try running FFUF on http://explore.htb:59777/sdcard/ ffuf_sdcard 😏Look like we found our first flag. So easy 😁The POC for the above vulnerability can be found o...
HTB{Welcome To My Cyber Security Space}