5 posts tagged with "FTP"

The File Transfer Protocol (FTP) is a standard network protocol used to transfer files between a local computer and a remote server over the internet, allowing users to upload, download, and manage files on a server remotely.

View All Tags

HTB | Netmon | Write-Up

June 1, 2023 · 16 min read

Summary:

We navigate the Hack The Box website starting by spawning a target machine. Next, we perform reconnaissance on the target to gather initial information and identify an FTP server running on it. We use anonymous authentication to access the FTP share, then enumerate the files available on this share.

Continuing our investigation, we access the NETMON configuration files and extract user credentials from them. Modifying these credentials to suit our needs, we proceed to access the PRTG Network Monitor web interface. Utilizing Metasploit's capabilities, we exploit CVE-2018-9276 to gain shell access with the "LocalSystem" account, thereby achieving system level access. With this access in hand, we grab both the user flag and root flag, ultimately declaring System Own status once these tasks are accomplished.

Machine Name: Netmon | Difficulty: Easy | OS: Windows

HTB | Vaccine | Write-Up

May 18, 2023 · 23 min read

Summary:

We test connectivity and scan the target, then use anonymous FTP access to download and crack a zip archive using John the Ripper. Analyzing the source code and exploiting a hardcoded hash gives us web app access via compromised credentials.

We identify an SQL injection vulnerability, gain control, and upgrade to a reverse shell with low-privileged access. As we enumerate the machine, we find privilege escalation opportunities and exploit SUDO vulnerabilities to gain root access, ultimately obtaining both user and root flags.

Machine Name: Vaccine | Difficulty: Easy | OS: Linux

HTB | Funnel | Write-Up

May 9, 2023 · 10 min read

Summary:

This walkthrough guides users through solving the Funnel machine challenges on Hack The Box, covering tasks such as network scanning, file analysis, and database interactions to ultimately acquire flags.

Machine Name: Funnel | Difficulty: Easy | OS: Linux

HTB | Crocodile | Write-Up

May 6, 2023 · 8 min read

Summary:

This walkthrough provides help solving the Crocodile machine on Hack The Box. The guide covers various topics, including Nmap scanning, service version identification, FTP login procedures, and directory brute force using Gobuster.

Machine Name: Crocodile | Difficulty: Easy | OS: Linux

HTB | Fawn | Write-Up

May 4, 2023 · 8 min read

Summary:

This article guides users through completing the Fawn machine challenge on Hack The Box. It covers identifying & using an anonymous FTP service to access and download the "root flag".

Machine Name: Fawn | Difficulty: Easy | OS: Linux

Summary:​

Summary:​

Summary:​

Summary:​

Summary:​

Summary:

Summary:

Summary:

Summary:

Summary: