Blog

HTB Assistance

HTB – Blunder

Christopher Soehnlein2020-10-17T10:40:58-05:00October 17th, 2020|Categories: HTB, Technology|Tags: Bludit, Blunder, CewL, HTB, OSCP, WFUZZ|

I try using PwnBox from HTB to do the Blunder box. It turns out to be a blunder for me and navigating the web UI.

HTB – Shocker

Christopher Soehnlein2020-10-13T16:33:17-05:00October 13th, 2020|Categories: HTB, Technology|Tags: cgi-bin, GTFOBins, Perl, Shellshock|

Today I explore Shocker from HTB; a OSCP like box featuring a Shellshock exploitable web server. Once on the box we use perl to escalate sudo.

HTB – Optimum

Christopher Soehnlein2020-10-13T10:07:20-05:00October 13th, 2020|Categories: HTB, Technology|Tags: MS16-098, Rejetto HTTP|

Today I explore Optimum from HTB; a OSCP like box featuring a Rejetto HTTP File Server v2.3 and a MS16-098 privilege escalation.

HTB – Cache

Christopher Soehnlein2020-10-10T10:16:07-05:00October 10th, 2020|Categories: HTB, Technology|Tags: Cache, docker, HTB, Memcache, OperEMR, WSO|

Cache from Hack the Box (HTB) explores exploits available for the OpenEMR System. Once we get on the system we used Memcache to escalate.

HTB – Beep

Christopher Soehnlein2020-10-09T10:30:58-05:00October 9th, 2020|Categories: HTB, Technology|Tags: Elastix 2.2.0, HTB, LFI, OSCP|

Using Beep from HTB I exploit Elastix 2.2.0 using a local file inclusion (LFI). I then attempted to password spray SSH and run into issues with ciphers.

HTB – Devel

Christopher Soehnlein2020-10-08T15:06:38-05:00October 8th, 2020|Categories: HTB, Technology|Tags: afd.sys, HTB, Metasploit, MS11-046, OSCP|

Using Devel from HTB I will show you how to exploit a Windows Server with anonymous FTP enabled and IIS. We will then run MS11-046 exploit to get root.

HTB – Legacy

Christopher Soehnlein2020-10-08T11:31:23-05:00October 8th, 2020|Categories: HTB, Technology|Tags: EternalBlue, HTB, Metasploit, MS17-010, OSCP|

Today using Legacy from HTB I will show you how to exploit MS17-010 EternalBlue with a custom shellcode and without the use of Metasploit.

HTB – Lame

Christopher Soehnlein2020-10-08T09:42:15-05:00October 8th, 2020|Categories: HTB, Technology|Tags: HTB, Lame, Metasploit, OSCP, SAMBA, SMB|

Today using Lame from HTB I will show you how to exploit SMB shares with null authentication. This is for SAMBA 3.0.20 and without the need for Metasploit.

PSA – John the Ripper ‘john’

Christopher Soehnlein2020-10-07T09:46:42-05:00October 7th, 2020|Categories: Cyber Security, Technology|Tags: invalid UTF-8, john, John the Ripper, Openwall|

Today I was going through a new box on Hack the Box when I ran across an issue with 'john' and 'Warning: invalid UTF-8' causing a valid hash to not be found.

HTB – Blackfield

Christopher Soehnlein2023-08-10T23:03:08-05:00October 3rd, 2020|Categories: HTB, Technology|Tags: Blackfield, CrackMapExec, Evil-WinRM, HTB, john, Seatbelt, SeBackupPrivilege, smbmap, Windows|

Today in Blackfield from HTB I explore a real-world example of a Windows Server when an account used for a specific task is not removed after.

HTB – Admirer

Christopher Soehnlein2020-09-26T10:26:08-05:00September 26th, 2020|Categories: HTB, Technology|Tags: Adminer, Admirer, DirBuster, HTB, Python, Shutil|

Admirer taught me the basics to dirb and using proper Word Lists. It also taught me that I am really bad at creating my own MySQL database (even for testing).

HTB – Passage

Christopher Soehnlein2020-10-07T10:51:52-05:00September 14th, 2020|Categories: HTB, Technology|Tags: CuteNews, HTB, Passage, Sha256, USBCreator, WSO|

Passage from HTB features a escalation using CuteNews and USBCreator as well as some base64/sha256 encrypted data.

Previous 456 Next

Subscribe To Receive My Latest Thoughts

If you like what you’ve read why not subscribe and get updated when a new post goes live?

"*" indicates required fields

Instagram

This field is for validation purposes and should be left unchanged.

Email*

We promise to only send relevant Blog related emails.

IslandDog Thoughts

Subscribe To Receive My Latest Thoughts