JOIN BREACHFORUMS TELEGRAM
HTB - Freelancer
by trevor69000 - Saturday June 1, 2024 at 06:49 PM
Advanced User

Posts: 87
Threads: 28
Joined: Apr 2024
Reputation: 5
#1
Jun 01, 2024, 06:49 PM
Lets go 
https://app.hackthebox.com/machines/Freelancer
Reply
Breached
Member
Posts: 5
Threads: 0
Joined: Nov 2023
Reputation: 0
#2
Jun 01, 2024, 07:51 PM
PORT STATE SERVICE REASON
53/tcp open domain syn-ack ttl 127
80/tcp open http syn-ack ttl 127
88/tcp open kerberos-sec syn-ack ttl 127
135/tcp open msrpc syn-ack ttl 127
139/tcp open netbios-ssn syn-ack ttl 127
389/tcp open ldap syn-ack ttl 127
445/tcp open microsoft-ds syn-ack ttl 127
464/tcp open kpasswd5 syn-ack ttl 127
593/tcp open http-rpc-epmap syn-ack ttl 127
636/tcp open ldapssl syn-ack ttl 127
3268/tcp open globalcatLDAP syn-ack ttl 127
3269/tcp open globalcatLDAPssl syn-ack ttl 127
5985/tcp open wsman syn-ack ttl 127
9389/tcp open adws syn-ack ttl 127
49667/tcp open unknown syn-ack ttl 127
49670/tcp open unknown syn-ack ttl 127
49671/tcp open unknown syn-ack ttl 127
49672/tcp open unknown syn-ack ttl 127
63271/tcp open unknown syn-ack ttl 127
63275/tcp open unknown syn-ack ttl 127
Reply
Banned

Posts: 219
Threads: 14
Joined: Apr 2024
Reputation: 17
#3
Jun 01, 2024, 08:36 PM
any hint ?......

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed
Reply
Elite User

Posts: 196
Threads: 31
Joined: Apr 2024
Reputation: 13
#4
Jun 01, 2024, 08:50 PM (This post was last modified: Jun 01, 2024, 08:52 PM by maggi.)
I got a domain SID?

[+] Domain SID: S-1-5-21-3542429192-2036945976-3483670807

idk?
Reply
Banned

Posts: 219
Threads: 14
Joined: Apr 2024
Reputation: 17
#5
Jun 01, 2024, 09:03 PM (This post was last modified: Jun 01, 2024, 09:33 PM by osamy7593.)
i think we can use xss to steal a cookie .. but where idk
i think here we can make xss http://freelancer.htb/contact/
guys login as employer and activate the acc after that check qr code

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed
Reply
Elite User

Posts: 196
Threads: 31
Joined: Apr 2024
Reputation: 13
#6
Jun 01, 2024, 10:02 PM
I am logged in as user and been trying to figure that out,
Reply
Banned

Posts: 219
Threads: 14
Joined: Apr 2024
Reputation: 17
#7
Jun 01, 2024, 10:04 PM
make an acc as freelancer and go there freelancer.htb/accounts/recovery/ .. after that recover as employer and login as employer

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed
Reply
Breached
Member
Posts: 33
Threads: 1
Joined: Apr 2024
Reputation: 0
#8
Jun 01, 2024, 10:25 PM
Users :

dthomas
jgreen
sdavis
taylor
jmartinez
Reply
Breached
Member
Posts: 4
Threads: 0
Joined: Jan 2024
Reputation: 0
#9
Jun 01, 2024, 10:28 PM
idor with qr code otp. only need to substitute b64 of admin user id
Reply
Banned

Posts: 219
Threads: 14
Joined: Apr 2024
Reputation: 17
#10
Jun 01, 2024, 10:35 PM
(Jun 01, 2024, 10:28 PM)iroquois Wrote: idor with qr code otp. only need to substitute b64 of admin user id

how to use it can u explain

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [FREE] HackTheBox Dante - complete writeup written by Tamarisk Tamarisk 603 92,360 6 hours ago
Last Post: 0xnany
  [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags Techtom 23 2,724 6 hours ago
Last Post: 0xnany
  [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired Tamarisk 374 93,325 6 hours ago
Last Post: 0xnany
Heart [FREE] HackTheBox All Cheatsheets Tamarisk 8 539 9 hours ago
Last Post: mrmanual
  [FREE] CPTS 12 FLAGS pulsebreaker 70 2,143 9 hours ago
Last Post: neurodot

Forum Jump:


 Users browsing this forum: 1 Guest(s)