DBTN

FriendZone is an "Easy" difficulty Machine on hackthebox.eu First Step: Nmap Scan of the Machine nmap -n -v -Pn -p- -A --reason -oN fz.txt 10.10.10.123 Ubuntu, with only SSH AND HTTP Primary areas of opportunity: SSH /22, HTTP/80 22/tcp open ssh syn-ack ttl 63 OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0) 80/tcp open http syn-ack ttl 63 Apache httpd 2.4.18 ((Ubuntu)) I added a static entry to my /etc/hosts file 10.10.10.140 swagshop.htb This is the primary page for port 80. Its a site to buy hackthebox gear. 3 items are available for sale. I played around a bit. Never seen Magento, so i Registered an account Played around the dashboard, thought maybe I could escalate my privileges somehow.  I moved onto find sub directories. I used wfuzz wfuzz -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt --hc 404,302 -t 50 http://10.10.10.140/index.php/FUZZ Actually hit quite...

Luke is a Medium difficulty Machine on hackthebox.eu First Step: Nmap Scan of the Machine  nmap -n -v -Pn -p- -A --reason -oN LUKE-nmap.txt 10.10.10.137 Ubuntu, with a few things worth looking at Primary areas of opportunity:  FTP/21, HTTP/80, SMB/445 Interesting port: TCP/53 21/tcp open ftp syn-ack ttl 63 vsftpd 3.0.3+ (ext.1) 22/tcp open ssh? syn-ack ttl 63 80/tcp open http syn-ack ttl 63 Apache httpd 2.4.38 ((FreeBSD) PHP/7.3.3) 3000/tcp open http syn-ack ttl 63 Node.js Express framework 8000/tcp open http syn-ack ttl 63 Ajenti http control panel I added a static entry to my /etc/hosts file 10.10.10.137 luke.htb Let's start with ftp, logging in with anonymous, we're able to get in! Literally the only file is one names for_Chihiro.txt, so lets grab it. So we see that an apparent Web Developer named Derry is trying to encourage an aspiring Web Developer, and opened up some of the source code for him...