Vulnversity - TryHackMe lab

Published by Nick on

Today I am working on the Vulnversity challenge from tryhackme.com

I start with an nmap scan with the service version flag against the host: nmap -sV hostipaddress

TryHackMe had a great nmap reference table so I pasted it below:

I found a web server on port 3333 and started to look into it

I then used the tool gobuster to check for pages on the web server

Checking the internal page, I found an upload form

Now I can upload a reverse shell

The form did not allow .php file types. I used Burp Suite to attempt different file types; .phtml worked, so I just renamed the file.

I started a netcat listener on my attack machine to connect to the reverse shell

I uploaded the file and connected to a shell

I now have a shell on the webserver, next I need to escalate privileges
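The upload filter described above rejected .php but accepted .phtml, which is how an extension blocklist typically fails. The following is an added example, not code from the original post or from the lab, that puts a blocklist check beside an allowlist check. The extension sets and function names are assumptions chosen for illustration.

```python
import os
import secrets

# Constructed blocklist modelling the behaviour the post describes:
# .php is rejected, every other extension passes.
BLOCKED_EXTENSIONS = {".php"}

# Hypothetical allowlist for an image-upload form.
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}


def blocklist_accepts(filename: str) -> bool:
    """Weak check: reject only extensions that are explicitly listed."""
    ext = os.path.splitext(filename)[1]
    return ext not in BLOCKED_EXTENSIONS


def allowlist_accepts(filename: str) -> bool:
    """Stricter check: accept only names of the form <stem>.<allowed ext>."""
    # Drop any client-supplied path, then trailing dots/spaces that some
    # filesystems strip silently.
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ")
    if "\x00" in name:
        return False
    stem, ext = os.path.splitext(name.lower())
    if not stem or ext not in ALLOWED_EXTENSIONS:
        return False
    # Reject double extensions such as "x.php.jpg": some server configs
    # pick a handler from any extension in the name, not just the last.
    return "." not in stem


def stored_name(filename: str) -> str:
    """Server-chosen name, so the client never controls the on-disk name."""
    if not allowlist_accepts(filename):
        raise ValueError("file type not permitted")
    ext = os.path.splitext(filename.rstrip(". ").lower())[1]
    return secrets.token_hex(16) + ext
```

An extension check is only one layer: uploads should also be stored where the web server will not execute them as scripts.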

