Skip to content

Instantly share code, notes, and snippets.

@jeremypruitt

jeremypruitt/HackTheBox-Fortune.md

Last active August 3, 2019 23:04
Show Gist options
  • Save jeremypruitt/5ee4180efbdf88aa92f0268f446fb104 to your computer and use it in GitHub Desktop.
Save jeremypruitt/5ee4180efbdf88aa92f0268f446fb104 to your computer and use it in GitHub Desktop.
Download ZIP
Hack The Box - Fortune
Raw
HackTheBox-Fortune.md

Techniques

Tools

  • nmap

Setup

  1. Add fortune.htb to the hosts file so we can refer to the host by name 
    $ echo "10.10.10.127 fortune.htb" >> /etc/hosts

Port Scan

  1. Scan for ports and services

    # Use nmap to find available TCP ports quickly
$ fortune_tcp_ports=$( \
    nmap fortune.htb \
         -p- \
         --min-rate=1000 \
         --max-retries=2 \
         -T4 \
         -Pn \
         -oA nmap-tcp-allports \
    | grep ^[0-9] \
    | cut -d '/' -f 1 \
    | tr '\n' ',' \
    | sed s/,$// \
  )

# Scan found ports for services
$ nmap fortune.htb \
       -p ${fortune_tcp_ports} \
       -sV \
       -sC \
       -T4 \
       -Pn \
       -oA nmap-tcp-foundports

  2. Check found ports against the Vulners db/nse script

    $ nmap fortune.htb \
       -p ${fortune_tcp_ports} \
       --script=vulners \
       -Pn \
       -A \
       -T4 \
       -oA nmap-tcp-foundports-vulners

Web Enumeration: fortune.htb:80

  1. ________

    Let's start by looking for interesting URL paths:

    $
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment