Possibly Related Threads…

r4b1tt · Dec 19, 2024, 12:10 PM

Is there anyone having a writeup for Alchemy ? or can point me to someone / shop who offers it?

Ashu · Dec 19, 2024, 12:56 PM

1.Monitor LDAP traffic
2.Search git repo to find ssh credentials.
3 Create tunnel to 10.10.110.21 using ligolo-ng to get navigated to 172.16.0.20:80 (you can login with default credential)
4 Exploit with CVE-2021-26828 which allow RCE

0xbax · Jan 06, 2025, 07:19 AM

(Dec 19, 2024, 12:10 PM)r4b1tt Wrote: Is there anyone having a writeup for Alchemy ? or can point me to someone / shop who offers it?

I would also be interested in this

steby33 · Jan 15, 2025, 08:33 PM

me too please, there is a write up ?

johnwick25 · Jan 16, 2025, 03:28 AM

(Dec 19, 2024, 12:56 PM)Ashu Wrote: 1.Monitor LDAP traffic
2.Search git repo to find ssh credentials.
3 Create tunnel to 10.10.110.21 using ligolo-ng to get navigated to 172.16.0.20:80 (you can login with default credential)
4 Exploit with CVE-2021-26828 which allow RCE

is this just for gaining initial access?

whomai123 · Jan 16, 2025, 02:06 PM

(Dec 19, 2024, 12:56 PM)Ashu Wrote: 1.Monitor LDAP traffic
2.Search git repo to find ssh credentials.
3 Create tunnel to 10.10.110.21 using ligolo-ng to get navigated to 172.16.0.20:80 (you can login with default credential)
4 Exploit with CVE-2021-26828 which allow RCE

thanks for share

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.

steby33 · Jan 18, 2025, 09:16 PM

(Jan 16, 2025, 03:28 AM)johnwick25 Wrote:
(Dec 19, 2024, 12:56 PM)Ashu Wrote: 1.Monitor LDAP traffic
2.Search git repo to find ssh credentials.
3 Create tunnel to 10.10.110.21 using ligolo-ng to get navigated to 172.16.0.20:80 (you can login with default credential)
4 Exploit with CVE-2021-26828 which allow RCE

is this just for gaining initial access?

yes, i analyse the login page on gogs (with Burp) but i don't see anything

0mniscient · Jan 20, 2025, 09:01 AM

I can't capture LDAP traffic. Any solution

anthony123 · (This post was last modified: Jan 20, 2025, 10:11 PM by anthony123.)

(Jan 18, 2025, 09:16 PM)steby33 Wrote:
(Jan 16, 2025, 03:28 AM)johnwick25 Wrote:
(Dec 19, 2024, 12:56 PM)Ashu Wrote: 1.Monitor LDAP traffic
2.Search git repo to find ssh credentials.
3 Create tunnel to 10.10.110.21 using ligolo-ng to get navigated to 172.16.0.20:80 (you can login with default credential)
4 Exploit with CVE-2021-26828 which allow RCE

is this just for gaining initial access?
yes, i analyse the login page on gogs (with Burp) but i don't see anything

Look at all the login requests in all pages. You should be able to figure out.

(Jan 20, 2025, 09:01 AM)0mniscient Wrote: I can't capture LDAP traffic. Any solution

Try using the latest version of the responder, you should be able to capture the LDAP traffic. Also alternatively you can try listening on that particular interface to see if there is any traffic incoming.

**RedBlock** · Jan 25, 2025, 04:09 PM

Dm me will share the writeup

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	Hack the box Pro Labs, VIP, VIP+ 1 month free Method	RedBlock	23	2,170	1 hour ago Last Post: kkkato
	[FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags	Techtom	20	2,491	Yesterday, 11:06 PM Last Post: op334
	[FREE] HackTheBox All Cheatsheets	Tamarisk	3	396	Yesterday, 10:36 PM Last Post: op334
	[FREE] 300+ Writeups PDF HackTheBox/HTB premium retired	Tamarisk	369	92,003	Yesterday, 04:10 PM Last Post: sabbyahmed
	CBBH Write Ups	hiddenhacker	22	6,226	Yesterday, 06:39 AM Last Post: Usercomplex