HTB – Netmon Walk-through

The machine we are going to root is the Netmon box. As always we start the scan with nmap The most useful ports for this machine are the 21 and 80. If we navigate to the web page we will see that it is a login page for the PRTG network monitor app. If we…More

HTB – Grandpa/Granny Walk-through

Today we will root two boxes from HTB that are so similar that the same techniques can be used. The boxes are the Grandpa and Granny. Also we will escalate our privilages with two different manual ways Initial foothold PrivEsc with Churrasco PrivEsc with MS14-070 As always we start the scan with nmap We see…More

HTB – Bashed Walk-through

Today we will root manually Bashed Box. Let’s see how We scan the machine We enumerate the website using gobuster And we see the following available folders with most interest the /dev If we follow the /dev folder we see that we can open a non-interactive and non-persistent shell. Since we have a foothold on…More

HTB – Optimum Walk-through

Today we will root manually Optimum Box. Let’s see how We scan the machine We see that only one port is open, port 80. If we navigate there we see that an HttpFileServer httpd 2.3 is running. If we search the exploit-db we see this A remote command execution script. So we will use this…More

HTB – Nibbles Walk-through

Today we will root manually the Niblles Box. Let’s see how We scan the machine We see two ports open. ssh and a web service on port 80. if we visit the site and check the source we see that a comment directing us to nibbleblog exists. So we enumerate the nibbleblog if we enum…More