Jul 13, 2024, 03:43 PM
Let's talk guys - https://app.hackthebox.com/machines/Ghost
|
Ghost - Insane
by f4k3h4ck3r - Saturday July 13, 2024 at 03:43 PM
|
|
Jul 13, 2024, 07:31 PM
Jul 13, 2024, 07:45 PM
Jul 13, 2024, 07:54 PM
(Jul 13, 2024, 07:50 PM)orwell1984 Wrote:inspect the network taffic and click the search Icon. You should see a request to the api.(Jul 13, 2024, 07:45 PM)chewablechunk01 Wrote: http://ghost.htb:8008/ghost/api/content/...38c83aaca6
Jul 13, 2024, 08:33 PM
(Jul 13, 2024, 07:31 PM)Leonzola Wrote: http://ghost.htb:8008/ghost/ did you try sqlmap on it?
Jul 13, 2024, 08:38 PM
(Jul 13, 2024, 08:33 PM)disavowed913 Wrote:(Jul 13, 2024, 07:31 PM)Leonzola Wrote: http://ghost.htb:8008/ghost/ Doing it now.
Jul 13, 2024, 08:44 PM
there is also intranet.ghost.htb on port 8008
and core.ghost.htb on port 8443
Jul 13, 2024, 09:40 PM
Anything interesting in http://ghost.htb:8008/ghost/api/content/posts ?
http://intranet.ghost.htb:8008
User: kathryn.holland Secret: * Yes, just * It works for all users. Maybe it's treated like a wildcard and we can bruteforce a*, b*, etc. There's also http://gitea.ghost.htb:8008/
Jul 13, 2024, 09:59 PM
(Jul 13, 2024, 09:41 PM)ritualist Wrote: http://intranet.ghost.htb:8008 How did you find this? |
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [FREE] CPTS 12 FLAGS | 68 | 1,931 |
6 hours ago Last Post: VictorPipeau |
||
| [FREE] HackTheBox Dante - complete writeup written by Tamarisk | 601 | 91,530 |
6 hours ago Last Post: VictorPipeau |
||
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 371 | 92,796 |
7 hours ago Last Post: phannguyenbaouy1 |
||
| [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags | 21 | 2,613 |
11 hours ago Last Post: popoler |
||
| Hack the box Pro Labs, VIP, VIP+ 1 month free Method | 23 | 2,268 |
Yesterday, 02:10 PM Last Post: kkkato |
||