HACKTHEBOX

PLAYER – (HACK THE BOX)

https://github.com/mazen160/bfac Things to note: Secret key used to sign the JWT token →_S0_R@nd0m_P@ss_. The access code to get the new file location. Masked endpoint →7F2xxxxxxxxxxxxx/ If we decode the JWT token captured in cookie while requesting /launcher/dee8dc8a47256c64630d803a4c40786e.php using jwt.io , we get Copy the cookie https://jwt.io/ paste here the cookie : access=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwcm9qZWN0IjoiUGxheUJ1ZmYiLCJhY2Nlc3NfY29kZSI6IkMwQjEzN0ZFMkQ3OTI0NTlGMjZGRjc2M0NDRTQ0NTc0QTVCNUFCMDMifQ and we get […]

HACKTHEBOX

Legacy (HACKTHEBOX)

root@kali:~/Downloads# nmap -A 10.10.10.4 Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-07 21:04 EDT Nmap scan report for 10.10.10.4 Host is up (0.13s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 445/tcp open microsoft-ds Windows XP microsoft-ds 3389/tcp closed ms-wbt-server Device type: general purpose|specialized Running (JUST GUESSING): […]

HACKTHEBOX

Popcorn (HACKTHEBOX)

root@kali:~/Downloads# nmap -A 10.10.10.6 Starting Nmap 7.70 ( https://nmap.org ) at 2018-12-20 19:07 EST Nmap scan report for 10.10.10.6 Host is up (0.14s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.1p1 Debian 6ubuntu2 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 1024 3e:c8:1b:15:21:15:50:ec:6e:63:bc:c5:6b:80:7b:38 (DSA) |_ 2048 aa:1f:79:21:b8:42:f4:8a:38:bd:b8:05:ef:1a:07:4d (RSA) 80/tcp […]