A box on Proving Grounds focusing more on enumeration! If in-doubt just enumerate!!
We scan the network and found that the target is running an Apache web-server. Further enumeration of the web-server reveals that there is an unprotected upload functionality which allowed an attacker to upload malicious file which leads…
Created by ustoun0
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0)
| 2048 44:ee:1e:ba:07:2a:54:69:ff:11:e3:49:d7:db:a9:01 (RSA)
| 256 8b:2a:8f:d8:40:95:33:d5:fa:7a:40:6a:7f:29:e4:03 (ECDSA)
|_ 256 65:59:e4:40:2a:c2:d7:05:77:b3:af:60:da:cd:fc:67 (ED25519)
A TryHackMe room made by zyeinn featuring a lot of stuff!
Port 80 and 22 is open
After a full port scan, it reveals port 8765 is also open.
After running Gobuster, I checkout the directories and found interesting stuff in custom/js directory.
Using CrackStation, the hash in…
A TryHackMe room that involves the basics of penetration testing, enumeration, privilege escalation and webapp testing.
Discovered open port 21/tcp on…