Hi there 👋 Rezy Dev Here!

Link: https://app.hackthebox.com/machines/Busqueda Difficulty Easy Machine Linux Enumeration Nmap Scan 22/tcp open ssh syn-ack OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 256 4f:e3:a6:67:a2:27:f9:11:8d:c3:0e:d7:73:a0:2c:28 (ECDSA) | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIzAFurw3qLK4OEzrjFarOhWslRrQ3K/MDVL2opfXQLI+zYXSwqofxsf8v2MEZuIGj6540YrzldnPf8CTFSW2rk= | 256 81:6e:78:76:6b:8a:ea:7d:1b:ab:d4:36:b7:f8:ec:c4 (ED25519) |_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTtbUicaITwpKjAQWp8Dkq1glFodwroxhLwJo6hRBUK 80/tcp open http syn-ack Apache httpd 2.4.52 |_http-title: Did not follow redirect to http://searcher.htb/ |_http-server-header: Apache/2.4.52 (Ubuntu) | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS Service Info: Host: searcher.htb; OS: Linux; CPE: cpe:/o:linux:linux_kernel Port 80 (http) I added searcher....

Link: https://app.hackthebox.com/machines/Blurry Difficulty Medium Machine Linux Enumeration I performed a quick Nmap scan on the target to identify open ports: PORT STATE SERVICE REASON 22/tcp open ssh syn-ack 80/tcp open http syn-ack After discovering the open ports, I conducted an aggressive scan on the target for a more in-depth analysis using: sudo nmap 10.10.11.19 -T4 -vv -sV -sC -O -A PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8....

Link: https://app.hackthebox.com/machines/Freelancer Difficulty Hard Machine Windows Enumeration I ran nmap quickly to find open ports using: nmap 10.10.11.5 -T4 -vv PORT STATE SERVICE REASON 53/tcp open domain syn-ack 80/tcp open http syn-ack 88/tcp open kerberos-sec syn-ack 135/tcp open msrpc syn-ack 139/tcp open netbios-ssn syn-ack 389/tcp open ldap syn-ack 445/tcp open microsoft-ds syn-ack 464/tcp open kpasswd5 syn-ack 593/tcp open http-rpc-epmap syn-ack 636/tcp open ldapssl syn-ack 3268/tcp open globalcatLDAP syn-ack 3269/tcp open globalcatLDAPssl syn-ack With this open ports, I did agressive nmap scan using: sudo nmap 10....

Link: https://app.hackthebox.com/machines/BoardLight Difficulty Easy Machine Linux Enumeration I ran the Nmap command to find all available open ports on this system using the command: nmap 10.10.11.11 -T4 -vv. **PORT STATE SERVICE REASON 22/tcp open ssh syn-ack 80/tcp open http syn-ack** Again, I ran an aggressive scan using the command: sudo nmap 10.10.11.11 -T4 -p22,80 -A -sC -sV -O -vv. While it ran, I was looking at port 80 and enumerating the web server....

Link: https://app.hackthebox.com/machines/Editorial Difficulty Easy Machine Linux Enumeration I ran nmap scan quickly on the target machine to reveal open ports on the box. PORT STATE SERVICE REASON 22/tcp open ssh syn-ack 80/tcp open http syn-ack I again ran agressive scan on the box on two open ports again using sudo nmap 10.10.11.20 -T4 -vv -sC -sV -A -O , following is result of the scan: PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8....

Link: https://app.hackthebox.com/machines/MagicGardens Difficulty Insane Machine Linux Enumeration As usual, initiating an Nmap scan on this machine with the command nmap 10.10.11.9 -T4 -vv -p- yields the following output: PORT STATE SERVICE REASON 22/tcp open ssh syn-ack 25/tcp open smtp syn-ack 80/tcp open http syn-ack 1337/tcp open waste syn-ack 5000/tcp open upnp syn-ack I also conducted an aggressive scan on the ports, and here is the output for that: PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 9....

Link: https://app.hackthebox.com/machines/SolarLab Difficulty Medium Machine Windows Enumeration Nmap I ran nmap 10.10.11.16 -vv -p- -T4 first to see all available ports on this box. I checked port 80 (the verbose flag showed us that port 80 was already open) while I waited for the scan to complete. I visited the site after adding 10.10.11.16 solarlab.htb to the /etc/hosts file. This is what the website looks like. As the nmap finished scanning all ports, here are the open ports on this box:...

Link: https://app.hackthebox.com/machines/Intuition Difficulty Hard Machine Linux Enumeration Nmap Scan I started with an Nmap scan to identify open ports on the target machine. The scan revealed two open ports: Port 22: SSH Port 80: HTTP Next, I conducted an aggressive scan to gather more detailed information about the services running on these ports. The results provided insights into potential vulnerabilities and configurations that could be exploited. PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack OpenSSH 8....

Link: https://app.hackthebox.com/machines/Mailing Difficulty Easy Machine Windows Enumeration Nmap I ran Nmap with the command nmap 10.10.11.14 -vv -p- -T4. It gave me a lot of information about the open ports on the target machine. However, my focus was primarily on the HTTP port, so I conducted an aggressive scan on all the ports to gather as much detail as possible. PORT STATE SERVICE REASON 25/tcp open smtp syn-ack 80/tcp open http syn-ack 110/tcp open pop3 syn-ack 135/tcp open msrpc syn-ack 139/tcp open netbios-ssn syn-ack 143/tcp open imap syn-ack 445/tcp open microsoft-ds syn-ack 465/tcp open smtps syn-ack 587/tcp open submission syn-ack 993/tcp open imaps syn-ack 5040/tcp open unknown syn-ack 5985/tcp open wsman syn-ack 7680/tcp open pando-pub syn-ack 47001/tcp open winrm syn-ack 49664/tcp open unknown syn-ack 49665/tcp open unknown syn-ack 49666/tcp open unknown syn-ack 49667/tcp open unknown syn-ack 55959/tcp open unknown syn-ack During the aggressive scan, I used the command nmap 10....

Welcome to the write-up of CSAW Quals 2024. This document details the CTF challenges I solved during the competition. The Triple Illusion (Forensics) We were given three .png files. I used ExifTool on one and zsteg on the other two to extract some information from the files, as shown below for all of them. ╭─rezy@dev ~/Desktop/images ╰─➤ exiftool datavsmetadata.png ExifTool Version Number : 12.76 File Name : datavsmetadata.png User Comment : Think about a two-input gate that outputs when inputs differ....