The machine we are going to root is the Netmon box. As always we start the scan with nmap The most useful ports for this machine are the 21 and 80. If we navigate to the web page we will see that it is a login page for the PRTG network monitor app. If we…More
Monthly Archives: February 2021
HTB – Grandpa/Granny Walk-through
Today we will root two boxes from HTB that are so similar that the same techniques can be used. The boxes are the Grandpa and Granny. Also we will escalate our privilages with two different manual ways Initial foothold PrivEsc with Churrasco PrivEsc with MS14-070 As always we start the scan with nmap We see…More
HTB – Bashed Walk-through
Today we will root manually Bashed Box. Let’s see how We scan the machine We enumerate the website using gobuster And we see the following available folders with most interest the /dev If we follow the /dev folder we see that we can open a non-interactive and non-persistent shell. Since we have a foothold on…More
HTB – Optimum Walk-through
Today we will root manually Optimum Box. Let’s see how We scan the machine We see that only one port is open, port 80. If we navigate there we see that an HttpFileServer httpd 2.3 is running. If we search the exploit-db we see this A remote command execution script. So we will use this…More
HTB – Nibbles Walk-through
Today we will root manually the Niblles Box. Let’s see how We scan the machine We see two ports open. ssh and a web service on port 80. if we visit the site and check the source we see that a comment directing us to nibbleblog exists. So we enumerate the nibbleblog if we enum…More