Headless
HTB; Linux; Easy 10.129.227.151 TL;DR, the server is vulnerable to XXS injection and the cookie is not set to HttpOnly. For the privilege escalation, try sudo -l. Initial Enumeration Initial…
HTB; Linux; Easy 10.129.227.151 TL;DR, the server is vulnerable to XXS injection and the cookie is not set to HttpOnly. For the privilege escalation, try sudo -l. Initial Enumeration Initial…
HTB; Linux; Easy; 10.129.35.135 TL; DR Initial Enumeration Shows the open ports are 22 and 80, very typical setup. At /register path, found a JavaScript file to /js/inviteapi.min.js Looking at…
HTB; Linux; Easy; 10.129.13.246 Initial Enumeration Nmap Port scan shows port 22, 80 are open Port 80 seems to be a login page Initial Foothold I actually took the hard…
HTB; Linux Easy; 10.129.229.183 TL;DR Initial Enumeration A little work to configure if you want to visit the target’s port 443 on firefox, go to about:config, search for security.tls.version.min, and…
HTB 10.129.229.121 Linux Machine TL;DR Initial Enumeration Using the Nmap to scan target, get port 22 and 80. After several rounds of trying, most of the special characters were filtered…
Basic Information: PG Practice Linux Machine, Level Easy, Target IP: 192.168.248.220 TL;DR for those who only want a quick solution. Initial Enumeration Keep scanning for version information.sudo nmap -sS 192.168.248.220…