Posts

Showing posts from March, 2021

Armageddon From Hack The Box

Hello everyone, welcome to my second blog. In this blog I'm gonna show you how to get root on the Armageddon machine, which is an easy machine from Hack The Box, made by Bertolis.

Let's begin. Let's start with an nmap scan. So there are only 2 ports open:

1) 22 : SSH
2) 80 : HTTP

Since we have an open HTTP port, let's add our target machine to our /etc/hosts file and start enumerating. After a lot of enumeration on the website I got nothing, so I went on to find out which server and which CMS, including its version, this website is using, with Wappalyzer. We can also find which CMS and which version it is using from the source code. This website is using Drupal CMS version: 7

After knowing the Drupal version, let's recon for any known vulnerabilities. After some time looking for exploits on Google I finally found the correct exploit on Rapid7. And yes, we will be doing this machine using Metasploit. After some time I will post how to do this machine without using Metasploit.

Let's fire up ou

Sink From Hack The Box.

Hello everyone, welcome to my blog. In this blog I'm gonna show you how to get root on the Sink machine, which is an insane machine from Hack The Box, made by MrR3boot.

Let's begin. Let's start with an nmap scan.

Nmap Scan Report.

So there are 3 open ports:

1) 22 : SSH
2) 3000 : PPP  ->  Gitea 1.12.6 Running
3) 5000 : UPNP  ->  Gunicorn 20.0.0 Running

Both 3000 and 5000 are HTTP ports. After a lot of enumeration on both websites I got nothing. Then I intercepted the request using Burp Suite and found a hell of a lot of information.

Now let's intercept http://sink.htb:5000 and http://sink.htb:3000 (update your /etc/hosts file). After intercepting http://sink.htb:3000 using Burp Suite I found some cookies. Copy those cookies. Then let's move on to http://sink.htb:5000, create an account, and log in with those credentials. Then intercept the home page using Burp and you will get a session cookie. Copy that cookie.

Now let