NMAP Scanning Added address in /etc/hosts and open the web page Upon clicking the link it asks for credentials. As we do not have any credentials I got the page below. I tried to view the source code and found the photobomb.js file. After opening that file I got the credentials. Username: pH0t0 Password: b0Mb!Continue reading “HackTheBox – Photobomb”
Tag Archives: nmap
HackTheBox – Precious
NMAP Scanning Add website to hosts file: Open the web service This website takes a web page URL and converts it into PDF. On examining the pdf, it shows that it is using pdfkit v0.8.6 version On searching we found vulnerability for mentioned version On studying the POC it looks like the URL parameter isContinue reading “HackTheBox – Precious”
Net Sec Challenge
What is the highest port number being open less than 10,000? 8080 There is an open port outside the common 1000 ports; it is above 10,000. What is it? 10021 How many TCP ports are open? 6 What is the flag hidden in the HTTP server header? THM{web_server_25352} What is the flag hidden in theContinue reading “Net Sec Challenge”
Basic Pentesting
Task 1 – Web App Testing and Privilege Escalation In these set of tasks you’ll learn the following: Brute forcing Hash cracking Service enumeration Linux Enumeration The main goal here is to learn as much as possible. Find the services exposed by the machine: Use “nmap” to find out what services are running on theContinue reading “Basic Pentesting”
