Enumeration Nmap The Nmap scan shows that port 80 is open on the target, where an HTTPFileServer 2.3 is running. The target has a Windows operating system. This particular version of Rejetto HTTP File Server (HFS) has a remote command execution vulnerability CVE-2014-6287. HTTP It was confirmed in a browser that HTTPFileServer is running on… Continue reading Hack the Box: Optimum
Month: January 2023
Hack the Box: Shoppy
As a first step added to the file /etc/hosts the IP address of the target to match the address: shoppy.htb. Enumeration Nmap The Nmap scan shows that ports 22 (SSH), 80 (HTTP), and 9093 (Copycat) are open on the target. HTTP The page shoppy.htb has a timer, no clickable links, and no interesting content. Gobuster… Continue reading Hack the Box: Shoppy
Hack the Box: Legacy
Enumeration Nmap The Nmap scan shows that port 445 (SMB) is open on the target, among other things. The target has a Windows XP operating system. Since the target has SMB running, we will use Nmap SMB scripts to check for vulnerabilities. We can run all the Nmap SMB scripts as follows: The input shows… Continue reading Hack the Box: Legacy
Hack the Box: Blue
Enumeration Nmap scan shows that port 445 (SMB) is open on the target, among other things. The target has a Windows operating system, and Nmap identifies the Windows version as Windows 7 Professional 7601 Service Pack 1. Since the target has a Windows 7 operating system, and SMB is running, it is recommended to use… Continue reading Hack the Box: Blue