HackTheBox - Three (In Progress)
Three is one of the Starting Points from HackTheBox, where in CTF Three we will learn about SMB (Server Message Block).
Introduction
- Connect Three using Pwnbox or OpenVPN.
- Spawn machine.
Enumeration
To check the target connection and port, we can use Ping and Nmap.
Ping
After spawn machine, we can start with ping Target IP.
1
2
3
4
5
6
7
8
9
10
11
❯ ping 10.129.241.175
PING 10.129.241.175 (10.129.241.175) 56(84) bytes of data.
64 bytes from 10.129.241.175: icmp_seq=1 ttl=63 time=210 ms
64 bytes from 10.129.241.175: icmp_seq=2 ttl=63 time=269 ms
64 bytes from 10.129.241.175: icmp_seq=3 ttl=63 time=292 ms
64 bytes from 10.129.241.175: icmp_seq=4 ttl=63 time=212 ms
--- 10.129.241.175 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 210.369/245.714/291.697/35.525 ms
Nmap
To be able to see all open ports, we can use Nmap, -sCV is a combination of -sC and -sV, where -sC displays the script for the port and -sV displays the version info for the port.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
❯ nmap -sCV 10.129.241.175
Starting Nmap 7.94 ( https://nmap.org ) at 2023-12-28 08:13 WIB
Nmap scan report for JSN.JaringanKU (10.129.241.175)
Host is up (0.21s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 17:8b:d4:25:45:2a:20:b8:79:f8:e2:58:d7:8e:79:f4 (RSA)
| 256 e6:0f:1a:f6:32:8a:40:ef:2d:a7:3b:22:d1:c7:14:fa (ECDSA)
|_ 256 2d:e1:87:41:75:f3:91:54:41:16:b7:2b:80:c6:8f:05 (ED25519)
80/tcp open http Apache httpd 2.4.29 ((Ubuntu))
|_http-title: The Toppers
|_http-server-header: Apache/2.4.29 (Ubuntu)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 56.44 seconds
This post is licensed under CC BY 4.0 by the author.