Access
Access - 10.10.10.98
Target Enumeration:
OS: Windows
IP: 10.10.10.98
User: ff1f3b48913b213a31ff6756d2553d38
Root: 6e1586cc7ab230a8d297e8f933d904cf
Ports / Services / Software Versions Running
FTP
Telnet
HTTP
Vulnerability Exploited:
Anonymous FTP access allows you to download an .mdb file which, once reviewed, gives you the password for the zip file.
Once the zip file is extracted, the Outlook backup file inside it contains the telnet password for the security user.
Privilege Escalation:
Runas to get reverse nc shell.
Exploiting the host:
Nmap
Anonymous access to FTP is allowed, so download the files
Open the .mdb file with the following URL
https://www.mdbopener.com/
Found the password within the backup.mdb file
[email protected]
Use this password to extract access control.zip
This gives you what looks to be an Outlook backup
Install Outlook in a Windows VM and import the .pst file
Use these creds to log in via telnet: security:4Cc3ssC0ntroller
Grab the user flag
User is low priv
There is a SQL service script in the C:\temp directory
It contains credentials for sa:
[email protected]
Good chance we have to open the MSSQL service and exploit that to get root
Can't find SQL Server running, so this must be a false positive / rabbit hole.
Download nc to the machine and run it with runas
Receive a root shell
Collect your flag
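The initial foothold above depends on anonymous FTP serving a database file and an archive. As an added example (not part of the original write-up), this Python sketch shows how a defender could flag that pattern in FTP server logs. The W3C-style field names, the sample log lines, the paths and the extension list are all constructed assumptions; match them to the `#Fields` header of your own server.

```python
from pathlib import PurePosixPath

# Constructed sample log in W3C extended format (not taken from the target host).
SAMPLE_LOG = """\
#Software: constructed FTP sample
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2019-01-10 09:00:05 192.0.2.10 anonymous RETR /share/sample.mdb 226
2019-01-10 09:00:09 192.0.2.10 anonymous RETR /share/sample+archive.zip 226
2019-01-10 09:00:12 192.0.2.10 anonymous RETR /readme.txt 226
2019-01-10 09:05:00 192.0.2.20 alice RETR /share/sample.mdb 226
2019-01-10 09:06:00 192.0.2.30 anonymous RETR /share/sample.mdb 550
"""

SENSITIVE_EXT = {".mdb", ".zip", ".pst"}  # file types seen in this write-up
ANON_USERS = {"anonymous", "ftp"}         # assumed anonymous account names


def parse_w3c(text):
    """Yield one dict per record, keyed by the names in the #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip malformed records
                yield dict(zip(fields, values))


def anonymous_sensitive_downloads(text):
    """Return (client_ip, path) for completed anonymous RETRs of sensitive files."""
    hits = []
    for rec in parse_w3c(text):
        user = rec.get("cs-username", "").lower()
        ext = PurePosixPath(rec.get("cs-uri-stem", "")).suffix.lower()
        if (user in ANON_USERS
                and rec.get("cs-method", "").upper() == "RETR"
                and rec.get("sc-status") == "226"  # 226 = transfer completed
                and ext in SENSITIVE_EXT):
            hits.append((rec["c-ip"], rec["cs-uri-stem"]))
    return hits


if __name__ == "__main__":
    for ip, path in anonymous_sensitive_downloads(SAMPLE_LOG):
        print(f"anonymous download of sensitive file: {ip} {path}")
```

Any hit means a backup, database or mail archive is readable without credentials; the fix is to disable anonymous FTP or remove such files from the anonymous root.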