Tag: windows

  • 💻 Legacy – Writeup

    We’ll use a very famous CVE vulnerability to exploit this machine. Add the IP address in /etc/hosts: … 10.10.10.4 legacy.htb … First run an nmap scan: Only 2 ports seem interesting: 139 and 445, which are SMB ports. We can run some enumeration on them: We got some data but nothing really useful. smbclient doesn’t return…

    Read more: 💻 Legacy – Writeup
  • 💻 Jerry – Writeup

    We’ll exploit a Tomcat functionality to become Administrator of this Windows machine. Add the IP address in /etc/hosts: … 10.10.10.95 jerry.htb … First run an nmap scan: There is only one port open: We can search on Google for an exploit related to this version: There’s an ExploitDB exploit for this version. Let’s see if…

    Read more: 💻 Jerry – Writeup
  • 💻 Granny – Writeup

    This Windows machine looks a lot like another machine… Add the IP address in /etc/hosts: … 10.10.10.15 granny.htb … First run an nmap scan: We can run directory fuzzing, but nothing interesting is found: Here is the only page accessible on the website: This is a WebDAV server and there is a tool to…

    Read more: 💻 Granny – Writeup
  • 💻 Grandpa – Writeup

    In this machine we’ll exploit a kernel vulnerability to become Administrator. Add the IP address in /etc/hosts: … 10.10.10.14 grandpa.htb … First run an nmap scan: There is only one port open, which is an HTTP service on port 80. It is detected as being a Windows machine running Microsoft IIS httpd 6.0. We can…

    Read more: 💻 Grandpa – Writeup
  • 💻 Devel – Writeup

    In this easy Windows machine, we’ll exploit a misconfiguration to become Administrator. Add the IP address in /etc/hosts: … 10.10.10.5 devel.htb … First run an nmap scan: Default web page: There is an FTP server running on port 21. We can connect to it as the anonymous user. There is nothing interesting on it but we…

    Read more: 💻 Devel – Writeup
  • 💻 Buff – Writeup

    In this easy Windows machine we’ll exploit a buffer overflow! Add the IP address in /etc/hosts: … 10.10.10.198 blue.htb … First run an nmap scan: We add the -Pn option to nmap because this is a Windows machine and the ICMP protocol is filtered, so nmap cannot tell if the host is up or not.…

    Read more: 💻 Buff – Writeup
  • 💻 Blue – Writeup

    To exploit this Windows machine we’ll use an old but efficient vulnerability. Add the IP address in /etc/hosts: … 10.10.10.3 blue.htb … First run an nmap scan: There are only two interesting ports that are open: 139 and 445, which are SMB ports. All the other ones are basic RPC ports. If we try to…

    Read more: 💻 Blue – Writeup