Posts

To begin my enumeration, I performed a port scan of both TCP and UDP ports using Nmap. This initial step allowed me to establish a clear picture of the services that were exposed and set the foundation for the rest Read more

I began the engagement by performing a full TCP and UDP port scan with Nmap to identify open services running on the target. A SYN scan was used on all TCP ports for speed and stealth, while service detection and version enumeration Read more

I began by performing a full TCP and UDP port scan to enumerate available services. It looks like we are working with an Active Directory Domain Controller from the ports that are open. I was able to collect system information Read more

As always, I start off the assessment with scanning for open TCP and UDP ports. I started looking into the ActiveMQ service and did a search for version 5.15.15. This led to the CVE-2023-46604 exploit with a public RCE on Read more

Today I am working on Sauna by Hackthebox. I start out with some port scans. This is a Domain Controller so I looked into some common items such as null sessions and smb share enumeration. I did not have luck Read more

I got stuck on this assessment because the target machine was not accepting the reverse shell. It turned out that I needed to set my attack box to the same time as the target machine, once that was completed, everything Read more

I started the assessment with Nmap port scans against all TCP and the top UDP ports. On TCP port 55555, I found this service called request-baskets. I found a public exploit with SSRF (Server side request forgery). I started enumerating Read more