Where Notes Work
ARCTIC – HACKTHEBOX
Hello friends, This is a quick and raw writeup for ARCTIC machine from HACKTHEBOX.
found port 8500 open running website, A coldfusion cms type thing running.
found exploit of version 8 and exploited using public python script, after that i got user tolis.
after that using “windows/misc/hta_server” got shell on metasploit.
used “windows/local/ms10_092_schelevator” post module for privesc.
If you face any problems, let me know in the comment section.