IDOR
-
Read more: Freelancer – Hack The Box – @lautarovculic
User.txt
Let’s discover which ports are open on the target:
sudo nmap -sV -p- -Pn -vv -T4 10.129.69.11
Output:
PORT STATE SERVICE REASON VERSION
53/tcp open domain syn-ack ttl 127 Simple DNS Plus
80/tcp open http syn-ack ttl 127 nginx 1.25.5
88/tcp open kerberos-sec syn-ack ttl 127 Microsoft Windows Kerberos (server time: 2024-06-02 01:14:36Z)
135/tcp…
-
Read more: Manager – Hack The Box – @lautarovculic
Difficulty: Easy Category: Mobile OS: Android Description: A client asked me to perform security assessment on this password management application. Can you help me? Download and extract the .zip file with the password hackthebox, and start the instance. In my case it is: 94.237.54.233:56388 There is a README.txt file that says: Install this application in an…
-
Read more: Micro-CMS v1 – @lautarovculic
Flags: 4 Difficulty: Easy Category: Web Flag 1/4 By taking a short tour through the application, we can view and edit a number of ready-made testing pages, and we can also create a page. On the first page we see that markdown is allowed, but script… no? Let’s try it. Press the save button and..…