Marceli HackTheBox – CozyHosting
Information Gathering and Vulnerability Scanning Initial nmap shows that 3 ports are opened. Later I did another scan with all ports: I have run also nikto scan, but nothing interesting…
Next-Gen Firewall (NGFW) – selection & initial deployment
Firewall vs NGFW In this post, I will describe the process of understanding firewalls and share my journey in selecting suitable software and appliances. Definition from Wikipedia.org:Next-generation firewall (NGFW) is…
HackTheBox – Active
Active is active directory box with Domain Controller installed.
TryHackMe – Enumerating Active Directory
Remember to connect to THM network via OpenVPN Generating my own set of credentials. hollie.norris Password: Jxug4101 Credential Injection - AD enumeration - $dnsip = "10.200.49.101" $index = Get-NetAdapter -Name…
TryHackMe – Breaching Active Directory
Before we can exploit AD misconfigurations for privilege escalation, lateral movement and goal execution, you need initial access first. You need to acquire an initial set of valid AD credentials.…
HackTheBox – Optimum
This one didn't work, because I didn't run it as intended It opens elevated shell as a new process which is not visible in shell. I should redirect it to…
HackTheBox – Devel
Devel is Windows 7 box with IIS server and anonymous access to FTP
HackTheBox – Legacy
It is an old box with Windows XP SP3 vulnerable to MS08-067. Exploitation is quite simple with Metasploit.
HackTheBox – Nineveh
Only http/https ports are opened
HackTheBox – Cronos
nmap shows 3 open ports: ssh, bind dns service and Apache http Default page