Home

nmap scans show open ports on 22, 443, 6022. Lets start with port 443. Port 443 generates a web page about craft beer. After poking around on the site and inspecting the elements of the page, there are two notable links to check out. https://api.craft.htb/api/ https://gogs.craft.htb/ Added both of those sites ...

https://www.lynda.com/Git-tutorials/Git-Essential-Training 0: Introduction 1: What is Git 2: Installing Git git help log 3: Getting Started Most often accessed .git/config Add every change that’s been made git add . Add commit message after adding the changes git commit -m ...

Port 80 and 64999. Port 80 hosts a bootstrap website. Port 64999 shows I’ve been banned for 90 seconds page. I don’t think that part of true as my scans were still running but we’ll note this down for now. nikto scans shows that there is a phpmyadmin being hosted on port 80 and the version can be found at: http://jarvis/phpmyadmin/Chan...

Ports show 22 and 80 being opened. Port 80 hosts this weird page with ascii art on the home page. Scanning using dirbuster or dirsearch is useless as it bans my IP. Although my nmap scan managed to find a robot.txt file that contains a disallowed entry for /writeup/ directory. Visiting the page doesn’t yield much information besides previo...

Initial scans show swagshop is hosting a web server on port 80. Upon investigation, it’s running Magento version 1.9x after digging deep into the xml files and cross referencing using Google. Source file: http://10.10.10.140/skin/frontend/default/default/css/styles.css Version confirmation: https://magento.stackexchange.com/questions/6...

Port scans show TCP ports 21, 22, 80, 3000, 8000 are open. The FTP service allows anonymous FTP access so I checked that out. It doesn’t contain any useful files besides a .txt file from a user about setting up a web server access for demonstration purposes. The SSH service isn’t useful to us right now, we just keep that in m...

Initial scan show port 139 and 445 is open which means there might be an open SMB share available for mount. smbclient //10.10.10.134/Backups There are two .vhd files that could be useful for us. Instead of downloading it on our system, we can mount it directory using guestmount. This part could take awhile as the conn...

Currently reading Amazon Link 1: NSM Rationale Does NSM prevent intrusions? Short answer is no because prevention eventually fails. All organizations will suffer breaches in some form The way you have to look at it is this, determined adversaries will inevitably breach...