Welcome to my blog, where I share detailed write-ups of Hack The Box labs, showcase personal cybersecurity projects, and document my journey in learning about cybersecurity and penetration testing.
Ping and Nmap the target IP using sudo nmap -sC -sV {target IP} We find 3 open ports, port 22/tcp open running vsftpd, port 22/tcp open running OpenSSH, and port 80/tcp open running Apache httpd. In the Nmap scan we see that Anonymous FTP login is allowed on port 21, we can connect to it using ftp {target IP} with the username anonymous and the password anon123 Looking through the FTP server using dir , we find a file called backup.zip . We can download this file to our s
First ping and Nmap the target IP using nmap -sC -sv {target IP} We find 2 open tcp ports, 22 running OpenSSH, and 80 running an Apache server, we’ll mainly be looking into port 80 or the web server. To begin looking into the web server, we’ll search the target IP in a browser and find a web page for an automotive business After scrolling to the services section, we find some explanation that we need to login to gain access to their services. With this information, we can
Ping and nmap the target IP using nmao -sC -sV {target IP} The main port we’ll be working with is port 1433/tcp open running Microsoft SQL server 2017. We can look more into this SMB using smbclient, specifically smbclient -N -L \\\\{target IP}\\ , where -N specifies no password, and -L specifies what services are available on a server. Looking at the shares available, only the backups share is available that doesn’t require an administrator level of permissions, so we’ll e
