I've won there the Raspberry Pi 4B - on which I am currently running my headless Kali box (accessible over the Internet). 🔗 CTF: Cyber Apocalypse 2021 Datadog x HackTheBox at RSA CTF I really liked these events that grant at least 24h after competition to go through all tasks and fill the blanks in the reports. I have learned that it is very hard to both focus on taking notes that will be usable later when doing write-ups while going through CTF challenges. 🔗 Join CyberEthical.Me community on the Discord Participation & media presence Server is really useful when, as a group, we are participating in the CTF. I wish we have more discussions there, even when I start some topic I get close to none response, so apart from few of members I assume these are mostly dead numbers. Of couse this doesn't include the Patreon benefits. I've also launched a one-time support option. Unfortunately, not a single person showed the interest. Well, I was having particularly high hopes that creating Patreon will awake the community and I would be able to create more targeted content, for the topics you would like to see. Second one was the clever command which I spot during HTB Battlegrounds from ippsec. Most attention got Tweet that was boosted by Hack The Box during their Cyber Santa 2021 CTF. I'm participating in the CTF and just got the flag - be proud of it on Twitter.Īs for the statistics, this platform allows only 3 months span, so there was a little more of work to collect data, but here there are: I'm watching some live content and see some clever command - tweet about it. Later on 2021 I discovered that quick, impulsive tweets gets the best attention. Oh yeah, there is also a Twitter, that I was never sure what should go there. But I think 70 followers on Instagram is pretty good, taking into consideration I haven't done any aggressive marketing.
#ACADEMY HACKTHEBOX PASSWORD#
Password spray: crackmapexec ssh 10.10.10.215 -u user.list -p 'mySup3rP4s5w0rd!!'.If we check for password reuse, we successfully login as cry0l1t3.
#ACADEMY HACKTHEBOX UPGRADE#
I spawn my own reverse shell so I can upgrade it.Also check this post explaining the attack.There is a nice post explaining the CVE.roleid is the most interesting parameter.I started with registering to the Web Server.Wordlist: /usr/share/seclists/Discovery/Web-Content/ĥ 17:37:00 Starting gobuster in directory enumeration mode └─$ gobuster dir -u -w /usr/share/seclists/Discovery/Web-Content/ -t 50 -x php,txt -no-errorīy OJ Reeves & Christian Mehlmauer Url: Nmap done: 1 IP address (1 host up) scanned in 36.95 seconds Service Info: OS: Linux CPE: cpe:/o:linux:linux_kernel If you know the service/version, please submit the following fingerprint at : | DNSStatusRequestTCP, LDAPSearchReq, NotesRPC, SSLSessionReq, TLSSessionReq, X11Probe, afp:ġ service unrecognized despite returning data. |_http-title: Did not follow redirect to |_http-server-header: Apache/2.4.41 (Ubuntu) Not shown: 998 closed tcp ports (conn-refused)Ģ2/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux protocol 2.0)
0 kommentar(er)
