Posts

Undiscovered Write-up THM

Hello fellow hackers, I am back with another write-up for you all, so let's get started. Today we are doing the Undiscovered box on tryhackme.com, created by ch4rm. The topics we are going to cover are:

- Virtual hosts enumeration
- CMS bruteforcing
- Getting reverse-shell using an exploit from exploit-db
- Mounting file system and accessing data of victim machine on our local machine
- Horizontal privilege escalation using a script on victim machine
- And finally privilege escalation using vim.basic capabilities

So let's get started.

Virtual Hosts Enumeration

As our general methodology goes, we'll start with an nmap scan:

    # Nmap 7.80 scan initiated Tue Nov 10 01:56:45 2020 as: nmap -sC -sV -oN nmapscans 10.10.122.39
    Nmap scan report for undiscovered.thm (10.10.122.39)
    Host is up (0.40s latency).
    Not shown: 996 closed ports
    PORT   STATE SERVICE VERSION
    22/tcp open  ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0)
    | ssh-hostkey:
    | ...

Jeff write-up THM

Hello there fellow hacker, today I'll be attempting to walk you through a fairly difficult room called Jeff on tryhackme.com, created by JB7815. The key things that I learned from this room are:

- Subdomain enumeration
- Escaping docker with a custom python script that performs wildcard exploitation
- Exploiting a binary with symbolic link
- Escaping rbash
- And exploiting crontab

So let's get started.

Before beginning our hacking, it's always a good practice to add the IP address to your /etc/hosts file.

#Foothold:-

First step, as usual, we will begin with an nmap scan:

    nmap -sC -sV <Machine IP> -oN nmapscans

-sC :- runs a script scan
-sV :- tells the version of the services running on the box
-oN :- saves the output of the scan

Looks like we only have 2 ports open:-

    PORT    STATE    SERVICE
    22      open     ssh
    80      open     ...