https://www.noobsec.net/tags/walkthrough/ Recent content in Walkthrough on Welcome to noobsec Hugo -- gohugo.io en-us Tue, 11 Aug 2020 17:22:10 +0000 https://www.noobsec.net/hackthebox/htb-bart/ Tue, 11 Aug 2020 17:22:10 +0000 https://www.noobsec.net/hackthebox/htb-bart/ <!-- end-chunk --> <!-- begin-chunk data-anchor="hackthebox---bart-writeup-wo-metasploit" --> <h1 class="header-anchor-wrapper">HackTheBox - Bart Writeup w/o Metasploit <a href="#hackthebox---bart-writeup-wo-metasploit" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h1> <!-- end-chunk --> <!-- begin-chunk data-anchor="introduction" --> <h2 class="header-anchor-wrapper">Introduction <a href="#introduction" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h2> <p>Bart is a retired Windows machine from HackTheBox. It has been rated as a medium difficulty machine, as it requires you to spend a good amount of time to enumerate but the exploiting part is not so hard.</p> https://www.noobsec.net/hackthebox/htb-bashed/ Sat, 08 Aug 2020 23:43:37 +0000 https://www.noobsec.net/hackthebox/htb-bashed/ <!-- end-chunk --> <!-- begin-chunk data-anchor="hackthebox---bashed-writeup-wo-metasploit" --> <h1 class="header-anchor-wrapper">HackTheBox - Bashed Writeup w/o Metasploit <a href="#hackthebox---bashed-writeup-wo-metasploit" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h1> <!-- end-chunk --> <!-- begin-chunk data-anchor="introduction" --> <h2 class="header-anchor-wrapper">Introduction <a href="#introduction" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h2> <p>Bashed is a retired HackTheBox machine, rated easy and rightfully so. We go from finding a hidden web shell to quickly gaining root due to over privileged users. I present a small discussion at the end of the write-up that I had with some folks on what steps could be taken to secure something like this on a corporate level, not really necessary but fun.</p> https://www.noobsec.net/hackthebox/htb-lame/ Sat, 01 Aug 2020 19:03:06 +0000 https://www.noobsec.net/hackthebox/htb-lame/ <!-- end-chunk --> <!-- begin-chunk data-anchor="hackthebox---lame-writeup-wo-metasploit" --> <h1 class="header-anchor-wrapper">HackTheBox - Lame Writeup w/o Metasploit <a href="#hackthebox---lame-writeup-wo-metasploit" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h1> <!-- end-chunk --> <!-- begin-chunk data-anchor="introduction" --> <h2 class="header-anchor-wrapper">Introduction <a href="#introduction" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h2> <p>Lame was the first machine on the HackTheBox platform, it is very much like any other Boot2Root machine but is good for beginners. Lame is a Linux machine and has rightfully rated as Easy by the platform. There are 2 ways to own the machine and a false positive which may or may not lead to a rabbit hole, depending on the way you approach it.</p> https://www.noobsec.net/hackthebox/htb-falafel-writeup-w-o-metasploit/ Sat, 18 Jul 2020 14:46:16 +0000 https://www.noobsec.net/hackthebox/htb-falafel-writeup-w-o-metasploit/ <!-- end-chunk --> <!-- begin-chunk data-anchor="hackthebox---falafel-writeup-wo-metasploit" --> <h1 class="header-anchor-wrapper">HackTheBox - Falafel Writeup w/o Metasploit <a href="#hackthebox---falafel-writeup-wo-metasploit" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h1> <!-- end-chunk --> <!-- begin-chunk data-anchor="introduction" --> <h2 class="header-anchor-wrapper">Introduction <a href="#introduction" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h2> <p>Falafel is a retired HackTheBox machine and one of the most interesting machines I have hacked on the platform. It is a Linux machine with some really fun vulnerabilities to exploit. The machine is rated hard but the author was kind enough to give us hints as we hack through it. The machine requires you to know a range of nuances from SQLi to Linux filesystems. Let&rsquo;s jump right in.</p> https://www.noobsec.net/hackthebox/htb-cronos/ Tue, 07 Jul 2020 01:43:22 +0000 https://www.noobsec.net/hackthebox/htb-cronos/ <!-- end-chunk --> <!-- begin-chunk data-anchor="hackthebox---cronos-writeup-wo-metasploit" --> <h1 class="header-anchor-wrapper">HackTheBox - Cronos Writeup w/o Metasploit <a href="#hackthebox---cronos-writeup-wo-metasploit" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h1> <!-- end-chunk --> <!-- begin-chunk data-anchor="introduction" --> <h2 class="header-anchor-wrapper">Introduction <a href="#introduction" class="header-anchor-link"> <svg xmlns="http://www.w3.org/2000/svg" width="1rem" height="1rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <line x1="4" y1="9" x2="20" y2="9"></line><line x1="4" y1="15" x2="20" y2="15"></line><line x1="10" y1="3" x2="8" y2="21"></line><line x1="16" y1="3" x2="14" y2="21"></line> </svg> </a> </h2> <p>Cronos is a HackTheBox retired machine. It is a Linux box, and has been officially rated as medium in difficulty, although I feel the machine is quite easy. Let&rsquo;s jump in.</p>