July 2018 - HuntForBug

Initial Foothold – Crete Island

Nmap result:

root@kali:~/Desktop/htb# nmap -sS -sC 10.10.10.83
Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-08 01:25 EDT
Nmap scan report for 10.10.10.83
Host is up (0.50s latency).
Not shown: 996 closed ports
PORT     STATE    SERVICE
22/tcp   filtered ssh
53/tcp   open     domain
| dns-nsid: 
|_  bind.version: Bind
80/tcp   open     http
|_http-title: Crete island - Olympus HTB
2222/tcp open     EtherNetIP-1

Nmap done: 1 IP address (1 host up) scanned in 44.13 seconds

root@kali:~/Desktop/htb# nmap -sS -sC 10.10.10.83

Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-08 01:25 EDT

Nmap scan report for 10.10.10.83

Host is up (0.50s latency).

Not shown: 996 closed ports

PORT STATE SERVICE

22/tcp filtered ssh

53/tcp open domain

| dns-nsid:

|_ bind.version: Bind

80/tcp open http

|_http-title: Crete island - Olympus HTB

2222/tcp open EtherNetIP-1

Nmap done: 1 IP address (1 host up) scanned in 44.13 seconds

Port 80 enumeration
– Dirbuster: no interesting page/directory.
– Nikto: found uncommon header xdebug 2.5.5
– Xdebug is an extension for PHP to assist with debugging and development.
– Xdebug < 2.5.5 suffer from unauthenticated os command execution
– Exploit: https://github.com/vulhub/vulhub/blob/master/php/xdebug-rce/exp.py

Continue reading →

Interactive Coloring

Monthly Archives: July 2018

Hackthebox Olympus Walkthrough

Java Secure Code Review: Comprehensive Guide