Hello there! I am Joe.
Here, I post about CTFs or Machines that I have solved and also some interesting stuff that I encounter in my InfoSec journey.
View all my posts here
This is a retired Linux machine rated as Easy in HackTheBox.
Although the machine is tagged as Easy, the privilege escalation vectors found in the machine is a great way to be exposed to common and application-specific vulnerabilities and exploitation.
We are given a web application located in soccer.htb.
By using gobuster, we can find /tiny as a valid URL path
|
|
Before attempting to do anything, let’s read the description of the challenge first.
The description describes a scenario where a threat actor has uploaded a shell to the webserver. Using those clues, we can then attempt to try and solve the challenge.
The file given for the challenge is a singular .pcap file, which we can open in WireShark to inspect and do our investigations there.
After opening the file in WireShark, we can see that there are many different packets captured. However, we can use the clues that the description gave to give us a starting point in terms of searching for the right file. Remember that a threat actor has uploaded a shell to their web server. Working off this knowledge, we can then filter any activity involving uploads; namely POST and PUT HTTP requests.
This is a retired Linux machine tagged as Easy in HackTheBox. It involves interesting attack paths and a unique privilege escalation that you may commonly see misconfigured on industry scenarios.
An _nmap _scan at the target IP reveals a service running on Port 8080.
Upon loading port 8080 in our web browser, we are greeted with a web application named “Zodd Cloud”.
Navigating around the website, we can come across _/release_notes _which contains a change log of the website
