6 posts tagged with "Weak Credentials"

Red Teaming | Password Attacks | Summary:​

This room is designed to teach about various strategies and techniques used in cracking or guessing passwords. It covers both offline and online methods, including dictionary and brute-force attacks, rule-based attacks, and custom rules.

The room emphasizes password profiling, teaching users how to create effective wordlists using default, weak, leaked, combined, and username sources.

Other topics include keyspace techniques, CUPP (Custom Password Profile), and online attacks targeting FTP, SMTP, SSH, and HTTP login pages. Additionally, it introduces the concept of password spraying attacks.

Summary:​

We test connectivity to the target and scan it, then enumerate its website and login with some default credentials. Once we have user access, we continue enumerating the site. Analyzing the page source code reveals the used XML version and a potential username.

We exploit the found XXE vulnerability to leak the user's private SSH key, allowing us to access the target machine via SSH and gain user-level access. Next, we grab the user flag. With our foothold established, we enumerate the machine with user-level access until we find a job.bat file that runs with administrator privileges. We exploit this by modifying the scheduled job to run our reverse shell, wait for it to execute, and catch the connection to gain administrative access to the target machine. Finally, we grab the root flag.

Machine Name: Markup | Difficulty: Easy | OS: Windows

Summary:​

This article guides users through completing the Ignition machine challenge on Hack The Box. It covers tasks such as service version identification, HTTP status code retrieval, web fingerprinting, and brute force directory discovery, ultimately leading to gaining access to the Magento admin page and submitting the root flag.

Machine Name: Ignition | Difficulty: Easy | OS: Linux

Summary:​

This walkthrough assists with solving the Sequel machine challenge on Hack The Box, focusing on tasks related to MySQL. Key takeaways include understanding various SQL concepts, utilizing tools like Nmap, and exploiting vulnerabilities to gain access to sensitive information, including a "root flag" in the "htb" database.

Machine Name: Sequel | Difficulty: Easy | OS: Linux

Summary:​

This article guides users through completing the Explosion machine challenge on Hack The Box. The guide covers tasks such as connecting to the target machine via pwnbox, identifying open TCP ports, understanding remote access protocols and tools, and obtaining flags through a series of questions and exercises.

Machine Name: Explosion | Difficulty: Easy | OS: Windows

Summary:​

This article guides users through completing the Meow machine challenge on Hack The Box. It covers identifying & exploiting telnet credentials, gaining root access, and submitting the root flag by reading "flag.txt".

Machine Name: Meow | Difficulty: Easy | OS: Linux