Writeup author : Hicham Terkiba (@IOBreaker) I started doing some recons with rustscan to speed up the process I got some useful information Open 10.129.13.163:22 Open 10.129.13.163:8000 http://jewel.htb:8000/gitweb/ Open 10.129.13.163:8080 http://jewel.htb:8080 I fired up a web browser to see what it looks like : Robots.txt The blog From the blog Read more…
Writeup author : Hicham Terkiba (@IOBreaker) Ok let’s do some port and service probing with nmap with T4 (agressive scan) to see if there is an IDS or a scan protection on the host and because we can (on Hack The Box 🙂 ) Ok, so we have port 80/tcp Read more…
Writeup author : Hicham Terkiba (@IOBreaker) In some file you can see sometime a “…..” in place of characters, this is done to avoid ‘flag’ information disclosure As usual, let’s do some port and service probing with nmap scan As you can see, we are in front of a Windows Read more…
Writeup author : Hicham Terkiba (@IOBreaker) In some file you can see sometime a “…..” in place of characters, this is done to avoid ‘flag’ information disclosure As usual, let’s do some port and service probing with nmap Ok, so : Domain is craft.htb 22 OpenSSH 7.4p1, 443 nginx 1.15.8 Read more…