Hackthebox - Mentor
HackTheBox - Mentortags: hackthebox linux mediumAuthor: kavigihan Initial Enumeratationnmap12345678910111213141516171819202122# Nmap 7.92 scan initiat ...
Read more
Hackthebox - PhotoBombRead more
Hackthebox - AmbassadorRead more
Hackthebox - UpdownRead more
Hackthebox - Shoppy

Summary

HackTheBox - Shoppy is a HackTheBox easy linux machine created by lockscan. Had a injection which lead to broken authentication. with more injection we where able to leak admin credentials using which we can access mattermost on that we get ssh credentials and get access to box checking sudo -l we see password manager can be ran as user deploy getting the password we can get deploy user shell password. As deploy user we are in docker group using which we can get root on the box.

Read more