Bank HackTheBox Notes

Genius = https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/ IP address: 10.10.10.29 Recon nmap -v -sU -sS -p- -A -T4 10.10.10.29 Port 80/tcp - http Nmap -p 80 -sV 10.10.10.29 Reveals apache httpd 2.4.7 - no known critical vulnerabilities Default Ubuntu Apache2 page Port 53/tcp - DNS Nmap -p 53 -sV 10.10.10.29 ISC BIND 9.9.5-3ubuntu0.14 Port 22/tcp - ssh Nmap -p... Continue Reading →

Lame HackTheBox Notes

Genius = https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/ IP address: 10.10.10.3 Recon nmap -v -sU -sS -p- -A -T4 target Port 445/tcp: used for direct TCP/IP MS Networking access without the need for NetBIOS layer. SMB (Server Message Block) protocol is used among other things for file sharing. Used in Windows 2K/XP to run SMB directly over TCP/IP without the... Continue Reading →

OverTheWire Leviathan 0-7

Here are my notes/answers for leviathan. Was surprised at the ease of these challenges as I remember attempting them a couple of months ago and being absolutely clueless after level 1. Guess that's a nice sign of improvement! Level 0 User: leviathan0 Pass: leviathan0 ‘ls -a’ reveals a directory called ‘.backup’ which contains a file... Continue Reading →

Poison HackTheBox Notes

As I continue to post my notes for retired boxes you will likely notice a drastic increase in detail. A few boxes were completed when I was just getting into cyber security and since then I have learned a lot in regards to documentation. Simply based off of the name here we can determine this... Continue Reading →

Celestial HackTheBox Notes

This box isn’t too bad and was actually pretty educational. First we started off with an nmap scan, noticing only one port open “3000”. Using the flag -sV we can use banner grabbing to determine what service is running on the port. We then found out it was node.js and a web host. So we... Continue Reading →

Valentine HackTheBox Notes

Valentine This box consists of a fair amount of rabbit holes that I will just ignore for the most part to avoid this report being super long.   The first thing I always do is run an nmap scan. I found 3 open ports, http, https, and ssh. This is great, web servers are fun.... Continue Reading →

Aragog HackTheBox Notes

Nmap -sV -T5 10.10.10.78 PORT   STATE SERVICE VERSION 21/tcp open  ftp vsftpd 3.0.3 22/tcp open  ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) 80/tcp open  http Apache httpd 2.4.18 ((Ubuntu)) Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel   Running dirbuster with medium wordlist   10.10.10.78/hosts.php => There are 4294967294 possible hosts for This is... Continue Reading →

Create a website or blog at WordPress.com

Up ↑