Posts: 39
Threads: 12
Joined: Aug 2024
Oct 26, 2024, 06:24 PM
(This post was last modified: Oct 26, 2024, 07:12 PM by ir0nman4l1f3.)
lets go! the final season 6 machine is getting ready to be release - who else is ready to solve this final machine?
https[://]app.hackthebox[.]com/machines/632
Nmap scan report for 10.*.*.*
Host is up (0.026s latency).
Not shown: 65508 closed tcp ports (reset)
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
2179/tcp open vmrdp
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
5985/tcp open wsman
9389/tcp open adws
47001/tcp open winrm
49664/tcp open unknown
49665/tcp open unknown
49666/tcp open unknown
49668/tcp open unknown
49669/tcp open unknown
49670/tcp open unknown
49671/tcp open unknown
49672/tcp open unknown
49676/tcp open unknown
49697/tcp open unknown
57185/tcp open unknown
Posts: 34
Threads: 11
Joined: Jun 2024
Oct 26, 2024, 07:12 PM
(This post was last modified: Oct 26, 2024, 07:14 PM by Ravisharma26.)
http://university.htb/accounts/login/SDC/
for login into website
we can use openssl to generate signed certificate
Posts: 47
Threads: 1
Joined: Jan 2024
We can register then we can request a signed cert. Maybe we can sign our own certificates with this?
Posts: 28
Threads: 0
Joined: Oct 2024
Anyone got a foothold yet? That would be very helpful if someone could give some hint!
Posts: 22
Threads: 0
Joined: Jun 2024
(Oct 27, 2024, 05:49 AM)xianling88 Wrote: Anyone got a foothold yet? That would be very helpful if someone could give some hint!
Try Reportlabs poc Code Injection Vuln
Posts: 28
Threads: 0
Joined: Oct 2024
(Oct 27, 2024, 07:08 AM)mrranger2424 Wrote: (Oct 27, 2024, 05:49 AM)xianling88 Wrote: Anyone got a foothold yet? That would be very helpful if someone could give some hint!
Try Reportlabs poc Code Injection Vuln
Thanks man! Got a shell!!!
Posts: 1
Threads: 0
Joined: Oct 2024
Oct 27, 2024, 07:13 PM
(This post was last modified: Oct 27, 2024, 07:13 PM by Incuerd00.)
(Oct 27, 2024, 08:08 AM)xianling88 Wrote: (Oct 27, 2024, 07:08 AM)mrranger2424 Wrote: (Oct 27, 2024, 05:49 AM)xianling88 Wrote: Anyone got a foothold yet? That would be very helpful if someone could give some hint!
Try Reportlabs poc Code Injection Vuln
Thanks man! Got a shell!!!
Stuck in this shell, any other hint?
Posts: 28
Threads: 0
Joined: Oct 2024
(Oct 27, 2024, 07:13 PM)Incuerd00 Wrote: (Oct 27, 2024, 08:08 AM)xianling88 Wrote: (Oct 27, 2024, 07:08 AM)mrranger2424 Wrote: (Oct 27, 2024, 05:49 AM)xianling88 Wrote: Anyone got a foothold yet? That would be very helpful if someone could give some hint!
Try Reportlabs poc Code Injection Vuln
Thanks man! Got a shell!!!
Stuck in this shell, any other hint?
I'm stuck after getting this shell too! this one is hard man.
Posts: 5
Threads: 0
Joined: Apr 2024
So i got into the shell from the export function but now I am lost in how to move to john anyone got a small hint I could use for user?
Posts: 57
Threads: 0
Joined: Oct 2024
You don’t really use John for this box This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
|
