Hacking
Hacking
Github
Twitter
Hacking, Bug Bounties & Penetration Testing
Methodologies
Basic Buffer Overflow
Basic Internal Network test
Basic Mobile Testing guide
Basic Subdomain Enumeration guide
Guides
Build A Raspberry Pi Dropbox
Hack The Box last updated - 2019
Legacy
Devel
Optimum
Popcorn
Beep
Tenten
Arctic
Cronos
Grandpa
Granny
October
Lazy
Sneaky
Holiday
Blocky
Shrek
Blue
Joker
Europa
Haircut
Bank
SolidState
Mantis
Shocker
Tally
Sense
Jeeves
Stratosphere
Inception
Bashed
Fluxcapacitor
Canape
Rabbit
Chatterbox
Nibbles
Sunday
Aragog
Valentine
Silo
Olympus
Poison
Celestial
Waldo
Jerry
Access
Active
Netmon
Powered by GitBook

Jerry

Jerry - 10.10.10.95

Target Enumeration:

OS: Microsoft Windows Server 2012 R2 Standard

IP: 10.10.10.95

User: 7004dbcef0f854e0fb401875f26ebd00

Root: 04a8b36e1545a455393d067e772fe90e

Vulnerability Exploited:

Default credentials set for tomcat manager running as system user.

Exploiting the host:

Nmap

Dirb

Default credentials for Tomcat login: tomcat: s3cret

Access the tomcat manager app

Create shell

Upload Shell via manager app

Now extract the war file to find the name of the payload

Open a nc listener on port 443 and access .jsp file via a web browser

Now you have an administrator shell

Grab your flags

Hack The Box last updated - 2019 - Previous
Waldo
Next - Hack The Box last updated - 2019
Access
Last updated 2 years ago
Contents
Jerry - 10.10.10.95
Target Enumeration:
Vulnerability Exploited:
Exploiting the host: