Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 53, 88, 135, 139, 389, 445, 464, 593, 636, 3268, 3269, 5986, 9389, 49667, 49673, 49674, 49698, and 54476 open. From SMB, we find a password-protected WinRM backup archive. After […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22 and 80 open. From the webserver, we find an FQDN, which we use to enumerate an additional vHost. Going to the vHost, we find it is hosting an application […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22 and 80 open. While enumerating the webserver, we find a URL redirector. After registering an account, we get a JWT. After exploiting the JWT, we are able to forge […]