Posts

HTB Writeup: Paper

Enumeration nmap Scan # Nmap 7.92 scan initiated Mon Apr 11 15:07:52 2022 as: nmap -sC -sV -T3 -oN nmap.all-port.txt -vv -p- 10.10.11.143 Nmap scan report for 10.10.11.143 (10.10.11.143) Host is up, received echo-reply ttl 63 (0.084s latency). Scanned at 2022-04-11 15:07:58 IST for 54s Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.0 (protocol 2.0) 80/tcp open http syn-ack ttl 63 Apache httpd 2.

HTB Writeup: Catch

Enumeration nmap scan Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-24 06:52 IST Nmap scan report for 10.129.110.180 (10.129.110.180) Host is up (0.075s latency). Not shown: 65530 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.4 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 48:ad:d5:b8:3a:9f:bc:be:f7:e8:20:1e:f6:bf:de:ae (RSA) | 256 b7:89:6c:0b:20:ed:49:b2:c1:86:7c:29:92:74:1c:1f (ECDSA) |_ 256 18💿9d:08:a6:21:a8:b8:b6:f7:9f:8d:40:51:54:fb (ED25519) 80/tcp open http Apache httpd 2.4.41 ((Ubuntu)) |_http-title: Catch Global Systems |_http-server-header: Apache/2.

HTB Writeup: Acute

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-04 07:55 IST Nmap scan report for 10.129.136.40 (10.129.136.40) Host is up (0.080s latency). Not shown: 65534 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) | ssl-cert: Subject: commonName=atsserver.acute.local | Subject Alternative Name: DNS:atsserver.acute.local, DNS:atsserver | Not valid before: 2022-01-06T06:34:58 |_Not valid after: 2030-01-04T06:34:58 |_http-server-header: Microsoft-HTTPAPI/2.0 |_ssl-date: 2022-07-04T02:43:16+00:00; +15m23s from scanner time. | tls-alpn: |_ http/1.

HTB Writeup: RouterSpace

Enumeration NMAP Scan # Nmap 7.92 scan initiated Sun Apr 10 19:53:33 2022 as: nmap -sC -sV -T3 -oN nmap.all-port.txt -vv -p- 10.10.11.148 Nmap scan report for 10.10.11.148 (10.10.11.148) Host is up, received echo-reply ttl 63 (0.078s latency). Scanned at 2022-04-10 19:53:39 IST for 138s Not shown: 65533 filtered tcp ports (no-response) PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 (protocol 2.0) | fingerprint-strings: | NULL: |_ SSH-2.

HTB Writeup: Resolute

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-07 22:44 IST Nmap scan report for 10.129.96.155 (10.129.96.155) Host is up (0.078s latency). Not shown: 65511 closed tcp ports (reset) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2022-07-07 10:23:33Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: megabank.

HTB Writeup: Sauna

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-07 07:05 IST Nmap scan report for 10.129.95.180 (10.129.95.180) Host is up (0.071s latency). Not shown: 65516 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 80/tcp open http Microsoft IIS httpd 10.0 |_http-server-header: Microsoft-IIS/10.0 | http-methods: |_ Potentially risky methods: TRACE |_http-title: Egotistical Bank :: Home 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2022-07-07 08:37:43Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: EGOTISTICAL-BANK.

HTB Writeup: Buff

Enumeration nmap # Nmap 7.92 scan initiated Sun Jul 3 11:41:02 2022 as: nmap -sC -sV -T3 -oA nmap-tcp-all-ports -p- -iL ip.txt Nmap scan report for 10.129.25.107 (10.129.25.107) Host is up (0.080s latency). Not shown: 65533 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 7680/tcp open pando-pub? 8080/tcp open http Apache httpd 2.4.43 ((Win64) OpenSSL/1.1.1g PHP/7.4.6) |_http-title: mrb3n's Bro Hut |_http-open-proxy: Proxy might be redirecting requests |_http-server-header: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.

HTB Writeup: Undetected

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-01 08:36 IST Nmap scan report for 10.129.136.44 (10.129.136.44) Host is up (0.078s latency). Not shown: 65533 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2 (protocol 2.0) | ssh-hostkey: | 3072 be:66:06:dd:20:77:ef:98:7f:6e:73:4a:98:a5:d8:f0 (RSA) | 256 1f:a2:09:72:70:68:f4:58:ed:1f:6c:49:7d:e2:13:39 (ECDSA) |_ 256 70:15:39:94:c2💿64:cb:b2:3b:d1:3e:f6:09:44:e8 (ED25519) 80/tcp open http Apache httpd 2.4.41 ((Ubuntu)) |_http-title: Diana's Jewelry |_http-server-header: Apache/2.4.41 (Ubuntu) Service detection performed.

HTB Writeup: Registry

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-02 16:27 IST Nmap scan report for 10.129.187.31 (10.129.187.31) Host is up (0.081s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 72:d4:8d:da:ff:9b:94:2a:ee:55:0c:04:30:71:88:93 (RSA) | 256 c7:40:d0:0e:e4:97:4a:4f:f9:fb:b2:0b:33:99:48:6d (ECDSA) |_ 256 78:34:80:14:a1:3d:56:12:b4:0a:98:1f:e6:b4:e8:93 (ED25519) 80/tcp open http nginx 1.14.0 (Ubuntu) |_http-title: Welcome to nginx! |_http-server-header: nginx/1.

HTB Writeup: Nest

Enumeration nmap # Nmap 7.92 scan initiated Thu Jun 30 18:27:50 2022 as: nmap -sC -sV -T3 -oA nmap-tcp-all-ports -p- -iL ip.txt Nmap scan report for 10.129.134.93 (10.129.134.93) Host is up (0.085s latency). Not shown: 65533 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 445/tcp open microsoft-ds? 4386/tcp open unknown | fingerprint-strings: | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, LANDesk-RC, LDAPBindReq, LDAPSearchReq, LPDString, NULL, RPCCheck, SMBProgNeg, SSLSessionReq, TLSSessionReq, TerminalServer, TerminalServerCookie, X11Probe: | Reporting Service V1.