Skip to main content

🔧Hack The Box

Comments

Post a Comment

Popular posts from this blog

HackTheBox Active Machine Walkthrough - Knife 🗡️

😍A knife is only as good as the one who wields it Hocho Knife #Easy #Linux Machine created by MrKN16H went live 22 May 2021 at 19:00:00 UTC. 😜Let's Start the journey..... 🔐Enumeration🔰 💉From Dmitry result one thing caught my and that is it an apache httpd server instead of regular nginx in all the HackTheBox Machine. 🔰We can find 2 Open Ports. In Port 80 We can see web page. 🔧As the latest release for apache httpd is 2.4.46 there could be a known vuln in 2.4.41 so I looked for it on web. 🗽Looking for it I stumbled around this Rapid7 Post https://www.rapid7.com/db/vulnerabilities/apache-httpd-cve-2020-1934/. 🔰But there is one concerning thing about this exploit you need to have mod_proxy_ftp module running and have FTP backend which we know nothing of. 🖥️Web-Visting🛡️ 🤔We can find this static page and nothing  interesting in it.  🔐Looking the source code found pen.js which looked interesting but after looking at it got nothing interesting. Also added knife.htb in /etc/h...
6 comments
Read more

HackTheBox Walkthrough - Explore

🛡️Types of OS : Android 🌞Released on : 26th June 2021 ☢️Difficulty : Easy 👍Point: 20 💉Running nmap scan: nmap -vv — reason -Pn -A — osscan-guess — version-all -p- $IP -oN Explore.nmap nmap_scan.report 💉Running the nmap scan gives four ports port 2222 — ssh port 59777 — http port 5555 — adbshell {This can be found by looking on  google } adb_shell_port ☢️Running FFUF ffuf -u  http://explore.htb:59777/FUZZ  -w /usr/share/wordlists/dirb/big.txt -t 200 -c ffuf_scan 😃Lets visit the web-page 😜As you can see its showing forbidden. So lets try some other directory. 😃And we get the same results. Lets try to enumerate port 59777 which service uses this port on android. ☺️we get this article from  Daily-Swigg  which explain the vulnerability in ES File explorer which exposes user data on open port and anyone can read it. 😏Lets try running FFUF on  http://explore.htb:59777/sdcard/ ffuf_sdcard 😏Look like we found our first flag. So easy 😁The POC for the above vulnerability can be found o...
3 comments
Read more

HacktheBox Walkthrough - Shoppy

🟥Name ➡️ Shoppy 🟥Release Date ➡️ 17 Sep 2022 🟥Retire Date ➡️ 14 Jan 2023 🟥OS  ➡️ Linux 🟥Base Points Easy ➡️ [20] 🟥First Blood User 6 mins, 03 seconds 22sh 🟥First Blood Root 12 mins, 37 seconds 22sh 👉Shoppy was much easier to exploit From there, I’ll need the lighest of reverse enginnering to get a static password from a binary, which gets me to the next user. 👉I’ll start by finding a website and use a NoSQL injection to bypass the admin login page, and another to dump users and hashes. 👉This user is in the docker group, so I’ll load an image mounting the host file system, and get full disk access. 👉Shoppy was one of the easier HackTheBox weekly machines to exploit, though identifying the exploits for the initial foothold could be a bit tricky. 👉With a cracked hash, I’ll log into a Mattermost server where I’ll find creds to the box that work for SSH. 👉In Beyond Root, a video walkthrough of the vulnerable web-server code, showing how the injections worked, an...
Post a Comment
Read more