Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports TCP:80 and UDP:623 open. Looking into UDP:623, we learn it allows for out-of-band system monitoring. Using this port, we are able to get hashed credentials for Zabbix, which is hosted […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22, 80, and 3000 open. From port 80, we find an archive that we are able to download. After analyzing the archive, we find the secret for the signed JWT […]
Jump Ahead: Enum – Foothold – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22, 80, and 8000 open. From the web server, we find a git repo and download it. Looking through the downloaded source code, we find a command injection […]