Posts
Argenestel
Cancel

Summary There is anonymous Access to smb share Since the server is windows 2008, groups.xml in policy contains password for a user. It can be decrypted using gpp-decrypt Checking for the admin...

Summary Portscan results in 22 and 80 Open Now Dirbusting Port 80 with dir list med and php extension will give a page The php page have curl running so Transfer reverse Shell & get www-dat...

Description Defcon 23 Drone Talk https://www.youtube.com/watch?v=5CzURm7OpAA The Room was based on parrot drone mentioned in defcon Talk Machine Detail ...

Walkthrough Enumration argenestel@parrot  ~/Desktop/hackthebox/lazy  rustscan 10.10.10.18 .----. .-. .-. .----..---. .----. .---. .--. .-. .-. | {} }| { } |{ {__ {_ _}{ {__ / ___} / {...

Summary There are two ports open 80,6379 Redis Server have unauth access. We can upload a php shell and get access XXD suid to read /etc/shadow Crack the hash and get password User can sudo as ...

Walkthrough Enumeration argenestel@parrot  ~/Desktop/tryhackme/hackpark  rustscan 10.10.246.43 .----. .-. .-. .----..---. .----. .---. .--. .-. .-. | {} }| { } |{ {__ {_ _}{ {__ / ___}...

Summary We have torrent in port 80 Created an Account There is an upload vulnerability in screenshot upload feature After getting shell, linuxexpliotsuggester will show some exploits Exploiting...

Description: The Following Post is writeup of Aster room of tryhackme https://tryhackme.com/room/aster Machine Details OS Linux Ra...

Summary There are 2 ports open 21 and 80 We have write permission in FTP and it is common to web directory Generated an asp reverse shell and get meterpreter Using local_exploit_suggester chec...

Summary -> From Nmap scan we got few ports(smb) -> Checking from vulners, the smb is vulnerable to ms17-010(eternalblue) -> Using Msf we will get root Walkthrough We have windows m...