Hack-the-box writeup Nunchucks

Published on May 8, 2023

This is a write up for the hack-the-box challenge box Nunchucks. This time with real commands copy while working at the challenge. Next time we try do do screenshots as well.

Finding a attack surface

Port scan

We once again started with a nmap port scan to find open ports and services that can be used to find a attack angle.

╰─❯ sudo nmap -sC -sV 10.10.11.122 -Pn

Starting Nmap 7.93 ( https://nmap.org ) at 2023-05-04 14:35 CEST
Stats: 0:00:17 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 66.67% done; ETC: 14:36 (0:00:06 remaining)
Nmap scan report for …

Hack-the-box writeup Pandora

Published on May 3, 2023

This is a write up for the hack-the-box challenge box Pandora. As there was a technical issue connecting to the device using for the attack there are no screenshots in this writeup. Moreover the commands needed to be reconstructed after the this scrip was written and the challenge ended. As i cant remember the ip-address used the used one is chosen comply ran.

Initial Access

TCP port scan

We begin with a port scan using nmap to find out witch ports are used and to get a short overview over what potentially could be our attack surface. We discoverd two open ports, running http:80 and ssh:22 …