HTB - Backfire Walkthrough
HINT
- Lookup researches of both creators for initial access
- Default configuration could lead to something
- Pray, by what curious twist of fate dost thou grant me such elevated privilege anew?
Articles¶
HTB - EscapeTwo Walkthrough
| OS | Windows |
|---|---|
| Difficulty | Easy |
| Season | 7 - Vice |
Machine Summary
- As is common in real life Windows pentests, you will start this box with credentials for the following account: rose / KxEPkKe6R8su
- {Redacted_till_machine_retirement}
PG - Internal Walkthrough
TL ; DR
- Use Nmap to get a list of service running on the target
- Enumerate SMB
- Exploit SMB to get RCE
- No P.E Required
PG - ClamAV Walkthrough
TL;DR
- Enumerate SNMP and find traces of
clamav-milter - Exploit
sendmailwhich is vulnerable to RCE
PG - Exfiltrated Walkthrough
TL ; DR
- Use Nmap to get the list of services running on the target.
- On web app use default credentials to login.
- Exploit CMS which is vulnerable to authenticated RCE.
- Exploit Cronjob to escalate privilege to root.
PG - Pebbles Walkthrough
TLDR
- Fuzz directory to find application which is vulnerable to SQLi
- Exploit the vulnerable application using SQLMap to get shell