Category CTF’s

BLACKFIELD – HACKTHEBOX

This is the Write-up/Walkthrough of the BLACKFIELD Active Directory Machine from Hackthebox. NMAP SCAN: Domain: BLACKFIELD.LOCAL, BIOS NAME: DC01 Shares found on SMB: Interacting with profiles$ share, found a list of empty directories, with username, copied all the output, saved it to…

RESOLUTE – HACKTHEBOX

This is the Write-up/Walkthrough of the RESOLUTE Machine from Hackthebox. NMAP SCAN: Domain found: megabank.local, BIOS Name: Resolute No file shares were found on smb, after I used ldapsearch to find more info about the domain, redirected the output to the…

DRIVER – HACKTHEBOX

This is the write-up/Walkthrough of the DRIVER Machine from Hackthebox. nmap scan: Visited port 80, asked for a username and password, tried logged in as admin:admin and it’s works after that, got the printer update firmware portal, which allows us…

SUPPORT – HACKTHEBOX

This is the Writeup/Walkthrough of the SUPPORT Machine from Hackthebox. nmap scan: ON smb, found 3 shares, on suppported-tools directory, downloaded UserInfo.exe.zip, extracted the all files, and used dnSpy to debug the UserInfo.exe file, after debugging found a password for…

Traverxec Writeup | HackTheBox

This is the writeup of HackTheBox machine Traverxec. nmap scan: on web port 80, nostromo 1.9.6 is running, which is vulnerable to RCE. used this exploit 47837.py to gain the shell as www-data, after enumerating nostromo directory found nhttpd.conf file,…

Forest Writeup | HackTheBox

nmap scan: Domain: htb.local Host: FOREST Enumerating users with enum4linux and ldapsearch using ldapsearch to enumerate users and groups after getting the users, save the users in a file, after that, i used getNPUsers tool of impacket to get the…