HackTheBox — Validation

Nmap scan

Nmap scan report for 10.10.11.116
Host is up (0.18s latency).
Not shown: 992 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 3072 d8:f5:ef:d2:d3:f9:8d:ad:c6:cf:24:85:94:26:ef:7a (RSA)
| 256 46:3d:6b:cb:a8:19:eb:6a:d0:68:86:94:86:73:e1:72 (ECDSA)
|_ 256 70:32:d7:e3:77:c1:4a:cf:47:2a:de:e5:08:7a:f8:7a (ED25519) 80/tcp open http Apache httpd 2.4.48
|_http-server-header: Apache/2.4.48 (Debian)
|_http-title: Site doesn't have a title (text/html; charset=UTF-8). 5000/tcp filtered upnp
5001/tcp filtered commplex-link
5002/tcp filtered rfe
5003/tcp filtered filemaker
5004/tcp filtered avt-profile-1
8080/tcp open http nginx
|_http-title: 502 Bad Gateway
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

HTTP Enumeration

Initial Foothold

Getting root

--

--

--

I am a Penetration Testing Enthusiast with computer science background, also interested in CTFs and python scripting.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How does my tree look in Dotty ?

#44: One month in, GPT-3-powered OpenAI API demos take the web by storm

9 Steps to Stress Free Code Review

GitHub Container Registry Advanced Guide

STREAMING | MXGP of Sardegna (Italy) 2021' Livestream | Live_HD

The Python Pro Bootcamp for 2022: 100 Days of Code

100 days to learn python code

Advantages of ERP Cut Across the Enterprise:

erp cloud software development company in chennai

How to verify Azure autoscale for scale sets easily

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
0xEmbo

0xEmbo

I am a Penetration Testing Enthusiast with computer science background, also interested in CTFs and python scripting.

More from Medium

[CTF] 1337up CTF writeup- Mirage

Go Language pkg installation issue solved.

Root me: Bash — System 1

Breaking Parser Logic Gain Access To NGINX Plus API — Read/Write Upstreams.