
Hack the Box Writeup - Jerry


Probably the easiest machine on Hack the Box ever, which also means this will be the shortest writeup ever too.

Enumeration

So we start as always with our nmap scan.

$ nmap -sC -sV -oA nmap/scan 10.10.10.95

The result is only a single port open, 8080. Browsing to that port shows a default Apache Tomcat installation, so let's run Nikto on it.

$ nikto -h http://10.10.10.95:8080

This gives us a very useful piece of information. The Tomcat Manager Application is available to us, and the default credentials have not been changed!

Exploit

Searchsploit shows us there is a remote code execution exploit for authenticated users using the Manager Application, so let's fire up Metasploit, choose our exploit and set the options.



Fire the exploit off, and boom: NT AUTHORITY\SYSTEM straight away, giving us immediate access to both flags.



Told you it would be short ;)

