HTB: Blue

An oldie but a goodie, MS17-010 was the vulnerability that kept on giving! Enumeration Firing up our nmap scanner, we discover several ports open: nmap -sS 10.10.10.40 -v Digging a little deeper into the open ports this time: nmap -sVC -p 139,445 10.10.10.40 Immediately, Windows 7 should jump out at us and we should zero […]

Read More

HTB: Jerry

Enumeration Here we go again, the usual initial nmap scan to kick things off: nmap -Pn -sS 10.10.10.95 -v Follow this up with another nmap scan delving a bit deeper into TCP 8080: nmap -sVC -p8080 10.10.10.95 -v Let’s head to the web browser and see what we can find there We find a default […]

Read More

HTB: Lame

Enumeration A run through of the “Lame” machine on HackTheBox. Kicking things off with an nmap scan, we can see the following ports are open: We’ve got FTP on TCP 21, SSH on TCP 22, and Samba/SMB on 445.I tend to favor using the -sS on the initial scan for a quick pass through to […]

Read More

Breaking Weak RSA

Taking a look at how we can leverage access to a weak public RSA key, an encrypted file and the RSACTFTool (link in the post below). This is a run through of the HackTheBox challenge called “WeakRSA”. Before we start, clone the following git repo: The challenge provides us with the following files:– flag.enc– key.pubOur […]

Read More