Home
Niraj Maharjan
Cancel

eLearnSecurity - eJPTv2

Hack The Box - Shoppy

Shoppy was a easy linux machine, which was vulnerable to NOSQL injection. Exploiting NOSQL injection, we  got password hash of all users. After cracking the hash of one user, the Mattermost serve...

Hack The Box - Photobomb

Photobomb was a easy rated linux box, where plaintext credentials was discovered after viewing the source code. These credentials then lead to a webpage with download  functionality that was vuln...

Hack The Box - Querier

Querier was a medium box that involved retrieving MSSQL database credentials after analyzing macro-enabled Excel workbook. These credentials were then used to establish a connection to the MSSQL ...

Hack The Box - Heist

Heist was an easy box that involved some password cracking and dumping Firefox’s processes.At first, we found a Cisco configuration file on the website that contained usernames and password hashe...

Hack The Box - Timelapse

RECON NMAP Nmap shows multiple ports open. Since ldap, kerberos, DNS and SMB ports are open it’s probably a Domain Controller. Nmap script shows that the domain name is timelapse.htb $nmap -Pn...

Hack The Box - Return

Return was an easy box that involved exploiting a printer’s web administration panel to obtain LDAP credentials. These credentials can then be used to access WinRM. The account obtained through t...

Hack The Box - Active

RECON NMAP Starting with nmap, nmap shows a bunch of open ports and the target is Active Directory Domain Controller running on Windows Server 2008 R2 SP1. $sudo nmap -sT -p- -oA alltcp 10.10...

Hack The Box - Jerry

RECON NMAP Starting with nmap, it only shows one port 8080 (Apache Tomcat) open. $sudo nmap -sC -sV -p- --min-rate 10000 -Pn -oN jerry-all-tcp.nmap 10.10.10.95 Nmap scan report for 10.10.10.9...

Hack The Box - Devel

RECON NMAP Strating with nmap it shows two ports open 80 httpd and 21 ftp # nmap -sC -sV 10.10.10.5 -oN devel.htb Starting Nmap 7.92 ( https://nmap.org ) at 2022-12-11 21:31 +0545 RTTVAR has ...