Hack the Box - Curling - Walkthrough

Introduction

Today we're going to be doing a pentest walkthrough of the Curling machine hosted at https://hackthebox.eu. For this pentest, we'll be using a Kali Linux virtual machine as our attacking system and the Curling machine as the victim system. After connecting to the Hack the Box network via VPN, we see that our target is located at 10.129.122.113.

Scanning and Enumeration

We'll start by scanning for open ports with Nmap:

    nmap -T4 -p- 10.129.122.113

Now we'll do another Nmap scan, this time specifying the ports and picking up service names and version numbers:

    nmap -sV -T4 -p22,80 10.129.122.113

Seeing that there's a webserver on this host we'll visit the site in our web browser:

    http://10.129.122.113/

This looks like some sort of blog, but we can immediately add this name, Floris, to our list of potential usernames. Let's take a look at this page's source next:

    view-source:http://10.129.122.113/

We spot two important details here. First,...