Jump Ahead: Enum – Getting a Foothold – Lateral Movement – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22, 80, 139, and 445 open. From the webserver, we find a login form that is vulnerable to SQLi. Exploiting this, we are […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating all ports. The ports returned are consistent with an Active Directory server, so we are likely dealing with an active directory domain. From the webserver on port 80, we find a downloadable file that appears to be […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22 and 80 open. From the web server, we find a form that uses custom Javascript. Looking at the Javascript code, we find it submits user-supplied XML to another script […]