Difficult: Medium Category: Mobile OS: Android Description: The app stores a secret and says it is stored securely even in case the application has been tampered. Are you able to retrieve it? As always, download the .zip file and extrat with hackthebox as password. Decompile with apktool apktool d app-release.apk The SDK is 31, then…
Difficult: Medium Category: Mobile OS: Android Description: The skilled fisherman used his full strength and expertise to hook the fish. Can you beat him and set the fish free? First we’ll download the .apk file. The pass is hackthebox And then decompile with apktool ☝️🤓 apktool d Angler.apk The SDK version is 32, then we…
User.txt First we need know what’s ports are up. sudo nmap -sS -sV -n -Pn -vv Output PORT STATE SERVICE REASON VERSION 80/tcp open http syn-ack ttl 127 nginx 1.24.0 135/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 139/tcp open netbios-ssn syn-ack ttl 127 Microsoft Windows netbios-ssn 445/tcp open microsoft-ds? syn-ack ttl 127…
User.txt Let’s discover the open ports with nmap sudo nmap -sS -sV –min-rate 5000 -n -Pn -T4 -vv Output PORT STATE SERVICE REASON VERSION 25/tcp open smtp syn-ack ttl 127 hMailServer smtpd 80/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) 110/tcp open pop3 syn-ack ttl 127 hMailServer pop3d 135/tcp open msrpc…
User.txt First we will discover the open ports with nmap sudo nmap -sS -sU –min-rate 5000 -n -Pn -T4 -vv Output: PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.6 (Ubuntu Linux; protocol 2.0) 80/tcp open http syn-ack ttl 63 nginx 1.18.0 (Ubuntu) 8000/tcp open nagios-nsca syn-ack ttl…
User.txt Will discover open ports with nmap sudo nmap -sS -sV –min-rate 5000 -n -Pn -T4 -vv Output PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.6 (Ubuntu Linux; protocol 2.0) 80/tcp open http syn-ack ttl 63 nginx 1.18.0 (Ubuntu) Inspectin the webserver in the port 80, we…
User.txt First, we will discover which ports are open. sudo nmap -sS –min-rate 5000 -n -Pn -T4 -vv -sV Output: PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.6 (Ubuntu Linux; protocol 2.0) 80/tcp open http syn-ack ttl 63 Apache httpd 2.4.52 ((Ubuntu)) If we go to clean.htb…
User.txt Add the machine IP to /etc/hosts file Now it’s nmap time sudo nmap -sS –min-rate 5000 -n -Pn -T4 -vv PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.4 (Ubuntu Linux; protocol 2.0) 80/tcp open http syn-ack ttl 63 Apache httpd 2.4.52 3000/tcp open http syn-ack ttl…
User.txt First we will configure the /etc/hosts file to be able to work. It’s time to see what the nmap scan says. We have port 22 and 80 open. Let’s take a look at what’s on the website. It seems that, as in most machines, the IP addresses the name, in this case, it redirects…
User.txt First, as usual, let’s configure our /etc/hosts file with the IP linked to the domain cozyhosting.htb After that, let’s do the recon scan with nmap. On port 80, we find the web page, which has a login. Let’s do a scan with dirb to find other directories and possible entry points. And we find…