-
Shocker - HackTheBox
Mar 21, 2021
Info Machine Profile Recon Nmap scan shows 2 open ports:
Starting Nmap 7.91 ( https://nmap.org ) at 2020-11-11 21:20 AEDT
Nmap scan report for 10-10-10-56.tpgi.com.au (10.10.10.56)
Host is up (0.015s latency).
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.4.18 ((Ubuntu))
|_http-server-header: Apache/2.4.18 (Ubuntu)
|_http-title: Site doesn't have a title (text/html).
2222/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 c4:f8:ad:e8:f8:04:77:de:cf:15:0d:63:0a:18:7e:49 (RSA)
| 256 22:8f:b1:97:bf:0f:17:08:fc:7e:2c:8f:e9:77:3a:48 (ECDSA)
|_ 256 e6:ac:27:a3:b5:a9:f1:12:3c:34:a5:5d:5b:eb:3d:e9 (ED25519)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed.…
-
Valentine - HackTheBox
Mar 17, 2021
Info Machine Profile Reconnaissance Initial nmap scan shows the following:
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1.10 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 1024 96:4c:51:42:3c:ba:22:49:20:4d:3e:ec:90:cc:fd:0e (DSA)
| 2048 46:bf:1f:cc:92:4f:1d:a0:42:b3:d2:16:a8:58:31:33 (RSA)
|_ 256 e6:2b:25:19:cb:7e:54:cb:0a:b9:ac:16:98:c6:7d:a9 (ECDSA)
80/tcp open http Apache httpd 2.2.22 ((Ubuntu))
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: Apache/2.2.22 (Ubuntu)
|_http-title: Site doesn't have a title (text/html).
443/tcp open ssl/http Apache httpd 2.…
Tags: Boot2Root, HackTheBox, TJnull's List, SSL, Heartbleed, CVE-2014-0160, tmux
-
Nibbles - HackTheBox
Mar 07, 2021
Info Machine Profile Reconnaissance An nmap scan shows us that ports 22 and 80 are open. A web server runs on port 80. By accessing it in a web browser we can see: So naturally we’ll go to /nibbleblog and have a look. It looks like it’s running a blog engine called Nibbleblog. By running a gobuster enumeration we found some files and directories:
===============================================================
Gobuster v3.0.1 by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
===============================================================
[+] Url: http://10.…
Tags: Boot2Root, HackTheBox, TJnull's List, Metasploit, Nibbleblog, Python scripting
-
Overpass - TryHackMe
Nov 01, 2020
Info This is a room from TryHackMe: https://tryhackme.com/room/overpass If you have any questions, or want to discuss anything with me, please leave a comment or contact me through the methods listed on the About page. Recon First, always port scan: nmap -p- -v -T4 10.10.xx.xx 2 ports up. On port 80 is a website: There’s a funny comment in the index source: Since they mentioned the Romans, I guess that would be a Caesar cipher or some kind of shifting cipher LOL.…
Tags: Boot2Root, TryHackMe, Escalation, ROT47, Web Authentication, cron, DNS, hosts
-
Looking Glass - TryHackMe
Oct 19, 2020
Info This is a room from TryHackMe. https://tryhackme.com/room/lookingglass This room is a sequel to Wonderland. And here’s my writeup of Wonderland. If you have any questions, or want to discuss anything with me, please leave a comment or find me through the methods listed on the About page. Recon First thing, no surprise, nmap: nmap 10.10.84.1 | tee nmap.log But this machine gave me a huge surprise: So many ports up. To figure out what services are running on these ports, I tried connecting to them with netcat.…
-
Jack - TryHackMe
Oct 03, 2020
Info This is a room from TryHackMe. Link to the room If you have any questions, or want to discuss anything with me, please leave a comment or find me through the methods listed on the About page. Recon First things first, add the domain name to /etc/hosts as described: As usual, do a port scan: We found ports 22 and 80 open on this host. The next thing would be doing a fingerprint scan on these ports:…
-
Wonderland - TryHackMe
Jun 13, 2020
Room URL: https://tryhackme.com/room/wonderland Before you read If you haven’t tried this box yet, I’d highly recommend trying it yourself first. This box is quite fun :) Well, let’s: Fall down the rabbit hole and enter wonderland. nmap First thing, no doubt, we gotta know which ports are open on this box. This is how we do it: nmap -sC -sV <your box ip> An SSH and an HTTP server.…
Tags: Boot2Root, TryHackMe, Escalation, Python Module Hijack, PATH Exploit