Jump Ahead: Enum – Getting a Foothold – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22, 80, and 443 open. From the nmap ssl-cert script, we find the subdomain passbolt.bolt.htb, and it add it and the root domain to our /etc/hosts […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 21, 22, and 80 open. From the web server, we find a Server-Side Request Forgery (SSRF) vulnerability. Using the SSRF vulnerability, we are able to enumerate the web server, and […]
Jump Ahead: Enum – Getting a Foothold – Lateral Movement – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22, 80, 139, and 445 open. From the webserver, we find a login form that is vulnerable to SQLi. Exploiting this, we are […]