hackthebox apocalyst walkthrough

Starting with masscan Two ports are open, web and ssh Browsing web, we see WordPress but site does not look good. To view it correctly we need to put following in our /etc/hosts file Then browsing the site. We can go to http://10.10.10.46/?author=1 to view the user in WordPress. This gives us user falaraki We […]

hackthebox bastard walkthrough

Starting with nmap. Scan all ports with masscan Doing another scan in open ports using default script. port 80 reveals Drupal website. Looking at CHANGELOG.txt we are using Drupal version 7.54. Simple Google searching, we found another exploit here. Oopss!! let me try that again. Sweet! I am iusr. what can I do?? Let’s grab […]

hackthebox arctic walkthrough

Starting with nmap Only three ports are open. On browsing http://10.10.10.11:8500 , we see two directories. These two folders represent ColdFusion. http://10.10.10.11:8500/CFIDE/administrator reveals following page: Coldfusion 6-10 is vulnerable to LFI attack. From the above screenshot, we know we have CF version is 8. We will use the following as suggested here. http://10.10.10.11/CFIDE/administrator/enter.cfm?locale=…………….\ColdFusion8\lib\password.properties%00e​n From above […]

hackthebox lame walkthrough

hackthebox linux machine

Start the hack with nmap We see the port 21 is open. Lets search for the version in searchploit The FTP is vulnerable and we could get the RCE but for some reason, it didn’t work. Moving on to samba. Lets use smbmap We have access to the tmp. Again, using smbclient to explore further. […]

hackthebox devel walkthrough

Start the hack with nmap Check if we have anonymous access or not. Nice, we have anonymous. Further, check if we can write there or not. I already have tested and it came positive. HTTP shows the server has IIS installed. We can upload the aspx webshell from FTP and try to access it from […]