Intro Pretty fast and obvious box. Let me guide through my pwn: Target HTB - Devel Recon Usual recon here, based on logo and info : Windows box ; Misc : FTP, Arbitrary file upload. Enum We run our classic nmap scan : 1 sudo nmap -T4 -A -p- -oA nmap $target_ip 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 # Nmap 7.

I finally did it! After years thinking about it, I finally migrated my Wordpress website to a static website! It was painful, but I am really happy I did it. Why change? I got fed up with Wordpress being full of “stuff”, loading a webpage took ages (well, seconds…, but still too much) while my content is mostly text and a few small images. Moreover, I wanted to be able to write my posts using Markdown.

Intro An easy box according to HTB ranking and a not so easy one according to this site. For me, it was really painful. Let me overshare! Target HTB - NetMon Recon Quick recon based on HTB logo and info : Windows box ; Misc info : web, PowerShell, file misconfiguration ; Probably runs PRTG NetWork Monitor tool. Enum 1 sudo nmap -T4 -A -p- -oA nmap $target_ip 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 Starting Nmap 7.

Intro Without further ado, let’s get started and see what this box is made of! Target THM - Alfred Recon From the box logo and description we can discover that : Target runs Windows ; Target runs Jenkins. Let’s go! Enum Let’s start a basic nmap scan : 1 sudo nmap -T4 -A -p- -oA nmap $target_ip Unfortunately, nmap will complain that Note: Host seems down.

Intro The importance to also patch your “applications”, and not just your services. Target HTB - OpenAdmin Recon Again, this is an HTB box, so recon is mainly active, and I feel like active recon == enum. Still, we can check : Name of the box : OpenAdmin ; OS “type”, : Linux : Hints given on HTB website, information section : Enum As always, we start with an nmap scan :

Intro A good ol' vuln to get starting! This will be my first real tutorial, so I’ll try to explain the basics of what I am doing. Please bear in mind that I am very new to hacking, probably like you are. I am merely sharing my knowledge and by doing so I am making sure I understood what I did. Please correct me if you find anything wrong, or ask question if you need to!