HackTheBox - Optimum

Posted Jan 16, 2024 Updated Nov 5, 2024

By Muhammad Khoirul Huda

1 min read

## Enumeration

### Nmap

  
 # Nmap 7.94 scan initiated Mon Jan 15 10:32:24 2024 as: nmap -sCV -T4 -oN nmap.txt 10.10.10.8
Nmap scan report for 10.10.10.8
Host is up (0.052s latency).
Not shown: 999 filtered tcp ports (no-response)
PORT   STATE SERVICE VERSION
80/tcp open  http    HttpFileServer httpd 2.3
|_http-title: HFS /
|_http-server-header: HFS 2.3
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Mon Jan 15 10:32:42 2024 -- 1 IP address (1 host up) scanned in 18.37 seconds

Coba kita jalankan ke browser, hum gada file dan juga harus login. Coba kita cari exploit nya di msfconsole, search httpfileserver dan gunakan exploit nya

Oke, dapat user flagnya. Karena mesinnya sudah diupdate, jadinya exploit yang ada di msfconsole untuk ke root udah difix. Kita pakai cara yang lain ajah

HackTheBox, Machines

This post is licensed under CC BY 4.0 by the author.

Trending Tags