One post tagged with "Brute Force Attack"

A Brute Force Attack is a type of cyber attack where an attacker tries every possible combination of passwords or credentials to gain unauthorized access to a system, network, or application. This involves systematically attempting each potential password, often using automated tools and massive computational resources, until the correct one is found. Brute force attacks can be time-consuming and resource-intensive but are effective against systems with weak or easily guessable passwords.

HTB | Jerry | Write-Up

· 13 min read

Summary:

We navigate the Hack The Box website, starting by spawning a target machine. Next, we perform reconnaissance on the target to gather initial information. We identify a running web server and proceed with directory enumeration using gobuster to uncover hidden directories. After discovering a server status login page with default credentials, we log in to gain access to the Manager App website.

Analyzing this app further, we collect the necessary credentials to log in and then identify a file upload vulnerability on the website. We create a malicious payload using msfvenom, which we use to upload and execute a reverse shell on the target machine. With a stable shell running with system-level access, we proceed to grab both the user flag and root flag, ultimately achieving System Own status.

Machine Name: Jerry | Difficulty: Easy | OS: Windows