Les start with masscan Only two ports open. Now lets try with nmap It gives the same result. However, we should take a note of the following line from the above result |_http-title: Did not follow redirect to http://forwardslash.htb Append the following line in your /etc/hosts file forwardslash.htb As we all know port 22 […]

hackthebox openadmin writeup / walkthrough

Starting with nmap Two ports are open. One is for web ie 80 and another is for SSH ie 22 Lets see what we have in port 80 Apache default page is what we get here. Nothing interesting. We can however run dir buster here. I found few other directory. You can run dirb as […]

Start with nmap Only two ports are open. Nmap reveals SSH and HTTP version. Lets use gobuster. We found that the server is hosting torrent hoster. Check if we find any vulnerability using searchpolit. Found one, but not sure how it works. Send me the link on how to use it in the comment. In […]

hackthebox linux machine

Start the hack with nmap We see the port 21 is open. Lets search for the version in searchploit The FTP is vulnerable and we could get the RCE but for some reason, it didn’t work. Moving on to samba. Lets use smbmap We have access to the tmp. Again, using smbclient to explore further. […]

Start the hack with nmap Check if we have anonymous access or not. Nice, we have anonymous. Further, check if we can write there or not. I already have tested and it came positive. HTTP shows the server has IIS installed. We can upload the aspx webshell from FTP and try to access it from […]

In ctf after you get a shell you may want to see if you can upgrade to a full tty shell. You can find many ippsec videos on youtube doing this. First see if there is python or not

If it is available, type following command to get bash shell. There is another post […]