Posts

Hackthebox - Registry server

Image
Registry is retired Linux server on the HackTheBox penetration testing lab. It was marked with  Hard difficulty  and can be cracked by using vulnerabilities in Docker, Bolt CMS and  Restic backup software... There are 2 ways how to proceed with this server. The first one was to install docker on a local system and import the image found. I choose not to do this and used bit of reverse engineering & searched the image manually.  As usual, I am going to try to write the entire walkthrough as detailed as possible, so it is clear to everyone what is being done and why.  We will use/learn:  nmap, gobustDocker, White Wolf Webshell, reverse shell, Bolt CMS, Restic, port forwarding Getting User: I am going to add the server's IP (10.10.10.159) to /etc/hosts file, so I can keep using the hostname (registry.htb) instead of the IP address. Let's start with a basic enumeration of the ports & services running on the server with nmap ( Nmap ("N...
Post a Comment
Read more

Hack The Box - Sniper Server

Image
Sniper is retired (28.3.2020) Microsoft Windows server on the HackTheBox penetration testing lab. It was marked with  Medium difficulty  and can be cracked by using a vulnerability in  Windows help files...  As usual, I am going to try to write the entire walkthrough as detailed as possible, so it is clear to everyone what is being done and why.  We will use/learn:  nmap, burpsuite, samba, enum4linux, reverse shell, netcat, powershell & credentials creation from cleartext in PS, Windows Help files (*.chm) etc. Getting User: I am going to add the server's IP (10.10.10.151) to /etc/hosts file, so I can keep using the hostname (sniper.htb) instead of the IP address. Let's start with a basic enumeration of the ports & services running on the server with nmap ( Nmap ("Network Mapper") is a free and open-source utility for network discovery and security auditing.  Source .   For those not familiar with the command...
Post a Comment
Read more