Synoslabs

Nous contacter

Tag: linux

Archives

Catégories

Articles récents

Tags

boat challenge cody credentials crypto ctf cve easy embed exif exploit geoint geolocation google google lense gralhix hacking hacktoria htb iis intelligence kernel linux location manipulation maps metadata metasploit metaverse mondayquiz osint php redirection reverse search social engineering social media socmint sofia santos street view thursdayquiz web web3 wifi windows writeup

  • 💻 Mirai – Writeup

    adm_synoslabs

    Default credentials we’ll be used on this machine to access it. Add the IP address in /etc/hosts: … 10.10.10.48 mirai.htb … First run a nmap scan: A lot of ports are open contrary to the other easy boxes. Let’s start with the website: It tells us that the machine is a Pi-hole version 3.1.4. We…

    Lire plus: 💻 Mirai – Writeup

  • 💻 Lame – Writeup

    adm_synoslabs

    We’ll try to gain root access to the easiest HTB machine. Add the IP address in /etc/hosts: … 10.10.10.3 lame.htb … First run a nmap scan: There are 4 open ports (port 3622 is a false positive): FTP: Anonymous login is allowed, meaning we can connect to it without any password. We can also check…

    Lire plus: 💻 Lame – Writeup

  • 💻 Knife – Writeup

    adm_synoslabs

    A backdoor is found on the web server of this machine. Add the IP address in /etc/hosts: … 10.10.10.242 knife.htb … First run a nmap scan: The website doesn’t give us anything useful: In the source code there is no link. Looking at Wappalyzer we get some versions: Apache 2.4.41 PHP 8.1.0 There is no…

    Lire plus: 💻 Knife – Writeup

  • 💻 Cap – Writeup

    adm_synoslabs

    The name of the easy Linux box gives us useful hints… Add the hostname into /etc/hosts: … 10.10.10.245 cap.htb … First run a nmap scan to detect open ports: The nmap scan output is way too long so we’ll just focus on the important parts. The FTP server is not accessible using anonymous login and…

    Lire plus: 💻 Cap – Writeup

  • 💻 Beep – Writeup

    adm_synoslabs

    This Linux machine is a bit special compared to other Linux challenges because this is a CentOS operating system. Add the IP address in /etc/hosts: … 10.10.10.7 beep.htb … First run a nmap scan: There is a lot of open ports on this machine. But most of them could be rabbit holes. If you have…

    Lire plus: 💻 Beep – Writeup

  • 💻 Bashed – Writeup

    adm_synoslabs

    This easy Linux challenge uses a vulnerable PHP file to execute commands on the system. Add the IP address in /etc/hosts: … 10.10.10.68 bashed.htb … First run a nmap scan: There’s only one port open which is an Apache web server. The version 2.4.18 is not vulnerable. On the website, the autor wrote about a…

    Lire plus: 💻 Bashed – Writeup

  • 💻 Antique – Writeup

    adm_synoslabs

    In this machine we’ll enumerate services and find a specific UDP port to perform enumeration on it. Add the IP address in /etc/hosts: … 10.10.11.107 antique.htb … First run a nmap scan. We must specify the -Pn option because the machine doesn’t respond to pings: When we try to connect to the telnet service port…

    Lire plus: 💻 Antique – Writeup

  • 💻 Bizness – Writeup

    adm_synoslabs

    Bizness is an easy HackTheBox machine with cool things to learn. The user flag is pretty straight forward but the root access is way more difficult Add the IP address in /etc/hosts: … 10.10.11.252 bizness.htb … First run a nmap scan: We try to run a fuzzing using ffuf to discover potential hidden subdomains: /opt/ffuf/ffuf…

    Lire plus: 💻 Bizness – Writeup