25Mar 2021 by admin

CyberSecLabs – Unattended

Hacking, http, metasploit, meterpreter, privilege escalation, vulnerability, Windows
Greetings everyone! Today, we'll be attacking a machine called Unattended on a platform called CyberSecLabs! So without further ado, let's jump right into it! As always, we'll start off with our trusty nmap scan! So we see a few ports open that we can start probing. We may as well start off by checking port 80 and see what we can find there! Let's plug the IP address into a web browser and see what we're greeted with. Under "Server Information", we see it displays HttpFileServer 2.3 (also noted in our nmap scan!). Let's click on it and see where it brings us. Interesting! Let's see if there are any vulnerabilities we can exploit pertaining to Rejetto. Time to fire up Metasploit! Perfect! We have our exploit selected! But let's…
Read More
09Jun 2020 by admin

TryHackMe – Alfred

meterpreter, msfvenom, Powershell, privilege escalation, Tokens, TryHackMe
Greetings everyone!In today's post, we're going to try something a little different! I've recently signed up for a new hacking training platform called TryHackMe. I've read a few posts regarding TryHackMe, and the reviews have been nothing but outstanding, so I figured let's give it a shot! In today's post, I'll be attacking the box called Alfred. So let's get to it! Alfred has an IP of 10.10.33.30. Knowing that, let's start off with an Nmap scan! Only 3 open ports are returned so we don't have a lot to work with. Let's start by browsing to port 80: RIP Bruce Wayne?? Well that's not a message I wanted to see. Did Bane (the best super-villain) finally end Batman, once and for all? Anyways, back to the mission at hand!…
Read More
07Nov 2019 by admin

Hack The Box – Grandpa

hackthebox, metasploit, meterpreter, privilege escalation
Greetings everyone! We're back with another Hack The Box walkthrough; this one is called Grandpa. So without further ado, let's jump right into it!The machine Grandpa has the IP 10.10.10.14, so let's get started with an Nmap scan. As we can see by the results returned, we don't have a lot to go on. Port 80 is open and the web service running is Microsoft IIS httpd 6.0. Let's browse to 10.10.10.14 to see if we can find anything useful! Here we are greeted with the default "under construction" portal. I ran a couple of enumeration scripts for directory brute forcing, but nothing came up. So let's fire up Metasploit and search for IIS! After a bit of research and trial and error testing, the exploit we'll be using is…
Read More
12Sep 2019 by admin

Hack The Box – Lame

hackthebox, metasploit, meterpreter, smb
Greetings everyone! We're back with another HackTheBox machine to exploit. This one is called Lame! I'm sure there is nothing lame about this box. After all; we are still getting our hands dirty with some penetration testing action! Without further delay, let's dive into it!The machine Lame has an IP Address of 10.10.10.3. Let's start an Nmap scan to see what it has for open ports and running services! As we can see from the Nmap results, we have a few options to work with. Let's start with trying to find an exploit for vsftpd 2.3.4, as we know from an earlier blog post that this can be easily exploited with Metasploit. So let's fire it up! Now let's configure the exploit via the "show options" command, and enter the…
Read More
11May 2019 by admin

Hack The Box – Devel

ftp, hackthebox, metasploit, meterpreter, privilege escalation
Happy Saturday, everyone! In today's post, I'll be attacking another system from hackthebox.eu. This one is called Devel! Let's jump right into it! Devel's IP address is 10.10.10.5, so let's start off by scanning it with Nmap in order to see what ports are open and what services are running on it. We see that port 80 is open, so we can open up a web browser and type in 10.10.10.5 to see what we can find! Okay, so we see the default page for Internet Information Services server is running. I enumerated the site a bit more, but nothing of interest was returned. Returning to our Nmap scan, we can see that FTP is also running, and allows anonymous login! So let's login! For anonymous login to work, we…
Read More