30Mar 2020 by admin

Hack The Box – Jerry

apache, hackthebox, msfvenom, shell
Greetings, everyone! After a long, long break, I've decided to return to the wonderful world of blogging my experiences on Hack the Box! I'm currently knees deep in course material for Offensive Security's OSCP certification, so I figured this would be a nice break from it! So without further ado, let's get into it! The box I've decided to attack for this post is called Jerry, and has the IP of 10.10.10.95. Let's start off with an Nmap scan: Only one port open: 8080. Well let's check it out to see what we can find! We're brought to an Apache Tomcat configuration page! After poking around for a bit on the landing page, the tab "Manager App" looks the most promising. Let's click on that tab and see what happens:…
Read More
07Nov 2019 by admin

Hack The Box – Grandpa

hackthebox, metasploit, meterpreter, privilege escalation
Greetings everyone! We're back with another Hack The Box walkthrough; this one is called Grandpa. So without further ado, let's jump right into it!The machine Grandpa has the IP 10.10.10.14, so let's get started with an Nmap scan. As we can see by the results returned, we don't have a lot to go on. Port 80 is open and the web service running is Microsoft IIS httpd 6.0. Let's browse to 10.10.10.14 to see if we can find anything useful! Here we are greeted with the default "under construction" portal. I ran a couple of enumeration scripts for directory brute forcing, but nothing came up. So let's fire up Metasploit and search for IIS! After a bit of research and trial and error testing, the exploit we'll be using is…
Read More
12Sep 2019 by admin

Hack The Box – Lame

hackthebox, metasploit, meterpreter, smb
Greetings everyone! We're back with another HackTheBox machine to exploit. This one is called Lame! I'm sure there is nothing lame about this box. After all; we are still getting our hands dirty with some penetration testing action! Without further delay, let's dive into it!The machine Lame has an IP Address of 10.10.10.3. Let's start an Nmap scan to see what it has for open ports and running services! As we can see from the Nmap results, we have a few options to work with. Let's start with trying to find an exploit for vsftpd 2.3.4, as we know from an earlier blog post that this can be easily exploited with Metasploit. So let's fire it up! Now let's configure the exploit via the "show options" command, and enter the…
Read More
08Jul 2019 by admin

Hack The Box – Mirai

hackthebox, http, privilege escalation, ssh
Greetings everyone! Sorry for the long delay, but I'm back with a hot new walkthrough of a Hack the Box machine; this one is called Mirai! For those of you not familiar with Mirai, it's a strain of malware that was responsible for a massive botnet that infected IoT (Internet of Things) devices, which in turn resulted in massive DDoS attacks. Knowing this information, we may be dealing with an IoT device on this box! Let's get started!Mirai is located at 10.10.10.48, so let's get the ball rolling with an nmap scan: Alright so the first thing that jumps out is that port 80 is open, so let's start enumerating it to see if we can pull some more information. We can use Nikto for this: Look at this! Right…
Read More
11May 2019 by admin

Hack The Box – Devel

ftp, hackthebox, metasploit, meterpreter, privilege escalation
Happy Saturday, everyone! In today's post, I'll be attacking another system from hackthebox.eu. This one is called Devel! Let's jump right into it! Devel's IP address is 10.10.10.5, so let's start off by scanning it with Nmap in order to see what ports are open and what services are running on it. We see that port 80 is open, so we can open up a web browser and type in 10.10.10.5 to see what we can find! Okay, so we see the default page for Internet Information Services server is running. I enumerated the site a bit more, but nothing of interest was returned. Returning to our Nmap scan, we can see that FTP is also running, and allows anonymous login! So let's login! For anonymous login to work, we…
Read More
01May 2019 by admin

Hack The Box – Irked

hackthebox, http, metasploit, privilege escalation, ssh
Greetings everyone! In today's post, I'll be changing things up by attacking a system that can be found on a website called hackthebox.eu. I'm fairly new to this site, but essentially the premise is that you can connect to their servers via VPN, and attempt to hack the systems, by grabbing a user flag and a root flag, and uploading them to your profile! This system is called Irked, so let's get to it! After establishing a VPN connection to the HTB server, we can see that our IP is 10.10.14.16, and the machine called Irked is at 10.10.10.117. Knowing this information, we'll start things off with an nmap scan with the command nmap -A -T4 -p- 10.10.10.117. We see that port 80 is open, so of course we're going…
Read More