In this section, I aim to document the process of compromising various targets on the HacK the Box platform using the Kali Linux distribution. This will be accomplished through thorough research and analysis of the target systems and their vulnerabilities. I will take a methodical approach in working through each target, striving to gain a comprehensive understanding of the attack vectors and vulnerabilities present. The targets will include both Windows and Linux Machines
Enumeration Nmpa scan output – full scan # Nmap 7.94SVN scan initiated Fri Nov 10 07:23:29 2023 as: nmap -vv –reason -Pn -T4 -sV -sC –version-all -A –osscan-guess -p- -oN /home/kali/HTB/chatterbox/results/10.10.10.74/scans/_full_tcp_nmap.txt -oX /home/kali/HTB/chatterbox/results/10.10.10.74/scans/xml/_full_tcp_nmap.xml 10.10.10.74 Increasing send delay for 10.10.10.74 from 0 to 5 due to 11 out of 11 dropped probes since last increase. Nmap… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types…… Continue reading
Enumeration this is a test to see if it updated on wordpress Nmap scan # Nmap 7.94 scan initiated Wed Nov 8 04:55:31 2023 as: nmap -vv –reason -Pn -T4 -sV -sC –version-all -A –osscan-guess -oN /home/kali/HTB/bastard/results/10.10.10.9/scans/_quick_tcp_nmap.txt -oX /home/kali/HTB/bastard/results/10.10.10.9/scans/xml/_quick_tcp_nmap.xml 10.10.10.9 Nmap scan report for 10.10.10.9 Host is up, received user-set (0.31s latency). Scanned at 2023-11-08… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types… Continue reading
Nmap scan ╰─$ nmap -sV -sC -oA slort 192.168.180.53 -Pn Starting Nmap 7.94 ( https://nmap.org ) at 2023-10-08 02:17 EDT Nmap scan report for 192.168.180.53 Host is up (0.28s latency). Not shown: 993 closed tcp ports (conn-refused) PORT STATE SERVICE VERSION 21/tcp open ftp FileZilla ftpd 0.9.41 beta | ftp-syst: |_ SYST: UNIX emulated by… Continue reading
In this practice box from Hack The Box (HTB), we explore one of the machines from TJNull’s list, which is widely recognized as part of the essential preparation for the Offensive Security Certified Professional (OSCP) exam. TJNull’s curated list is designed to help individuals hone their penetration testing skills and get accustomed to the types…… Continue reading
nmap scan # Nmap 7.94 scan initiated Thu Oct 5 23:02:59 2023 as: nmap -sV -sC -oA jacko -Pn 192.168.180.66 Nmap scan report for 192.168.180.66 Host is up (0.28s latency). Not shown: 995 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 80/tcp open http Microsoft IIS httpd 10.0 |_http-title: H2 Database Engine (redirect) | http-methods:… Continue reading
Nmap scan kali@kali ~/HTB/intelligence/intelligence2 ▶ nmap -sV -sC -oA intelligence $IP -Pn Starting Nmap 7.94 ( https://nmap.org ) at 2023-10-02 06:43 EDT Nmap scan report for intelligence.htb (10.10.10.248) Host is up (0.28s latency). Not shown: 988 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 80/tcp open http… Continue reading
nmap scan ┌──(kali㉿kali)-[~/HTB/Monteverde] └─$ nmap -sV -sC -oA mantis 10.10.10.172 -pn Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-24 07:41 EDT zsh: segmentation fault nmap -sV -sC -oA mantis 10.10.10.172 -pn ┌──(kali㉿kali)-[~/HTB/Monteverde] └─$ nmap -sV -sC -oA Monteverde 10.10.10.172 -Pn Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-24 07:41 EDT Nmap scan report for 10.10.10.172… Continue reading
nmap scan └─$ nmap -sV -sC -oA mantis 10.10.10.52 -Pn Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-17 22:55 EDT Nmap scan report for 10.10.10.52 Host is up (0.34s latency). Not shown: 981 closed tcp ports (conn-refused) PORT STATE SERVICE VERSION 53/tcp open domain Microsoft DNS 6.1.7601 (1DB15CD4) (Windows Server 2008 R2 SP1) | dns-nsid:… Continue reading
Nmap scan Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-15 08:42 EDT Nmap scan report for 10.10.10.169 Host is up (0.30s latency). Not shown: 990 closed tcp ports (conn-refused) PORT STATE SERVICE VERSION 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2023-09-15 12:50:59Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn… Continue reading
This is a windows machine from hack the box. Nmap scan ┌──(kali㉿kali)-[~/HTB/timelapse] └─$ nmap -sV -sC -oA cascade 10.10.11.152 Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-14 08:17 EDT Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in… Continue reading
This is a windows machine from hack the box. Nmap scan └─$ nmap -sV -sC -oA cascade 10.10.10.182 Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-11 05:46 EDT Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.97… Continue reading
This is a windows machine from hack the box. nmap scan ┌──(kali㉿kali)-[~/HTB/blackfield] └─$ nmap -sV -sC -oA blackfield 10.10.10.192 Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-09 21:19 EDT Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in… Continue reading
This is a windows machine from hack the box. Nmap scan └─$ nmap -sV -sC -oA active 10.10.10.161 Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-06 06:08 EDT Nmap scan report for 10.10.10.161 Host is up (0.34s latency). Not shown: 989 closed tcp ports (conn-refused) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus… Continue reading
This is a windows machine from hack the box. nmap -sV -sC -oA sauna 10.10.10.175 Starting Nmap 7.94 ( https://nmap.org ) at 2023-08-27 22:55 EDT Stats: 0:00:26 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan Service scan Timing: About 22.22% done; ETC: 22:56 (0:00:21 remaining) Nmap scan report for 10.10.10.100 Host is up… Continue reading
This is a windows machine from hack the box. # Nmap 7.94 scan initiated Fri Aug 25 01:40:28 2023 as: nmap -sV -sC -oA sauna 10.10.10.175 Nmap scan report for 10.10.10.175 Host is up (0.28s latency). Not shown: 988 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 80/tcp open… Continue reading
This box is from TryHackMe Connect the VPN and do some Nmap enumeration SSH and Port 80 Open Nothing interesting on the web page Checking the page source we can see a reference to a “Jessie” which we can assume is a user of this box Nothing interesting from nikto Did a dirb on the… Continue reading
Create Directory, and ran nmap scan Nmap scan results Only SSH and Port 80 running Checking Web on Port 80. Nothing interesting even checking the page source Doing a Nikto scan we can see that there is PHP/8.1.0-dev Searching this on exploitDB we find an RCE Download the file to the directory Download the file… Continue reading
In this blog post, we take a look at the Legacy Windows machine on the “Hack the Box” platform. The writeup was completed on January 23rd, 2023 and highlights the importance of enumeration in penetration testing. By utilizing the –vuln script during the enumeration process, we were able to gather crucial information that ultimately led… Continue reading