hackthebox bounty walkthrough

Starting with nmap port 80 shows just a picture named merlin.jpg. Possibly a user in the box. Doing gobuster and scanning with .aspx extension we get two things of interest. First transfer.aspx where we can upload files and second UploadedFiles where we get to access the files we uploaded. Doing enumeration, we find that we […]

hackthebox blue walkthrough

Starting with nmap Checking the smb We can check further in Share and Users. Searching if any vulnerability is present using searchploit EternalBlue seems to be interesting. There is a Github repo to exploit this automatically. Let’s clone the repo Then follow the README and generate shellcode This will make sc_all.bin shellcode. Now run the […]