Pandora

HTB Box - Pandora (Linux) Writeup

Welcome back to the new CTF blog where we take on Pandora, a Linux CTF box. In this episode, we will focus on leveraging a weak SNMP configuration, an unauthenticated RCE vulnerability in the Pandora FMS system, and path overriding to pwn the box.

Initial Foothold

Our journey begins with an nmap scan to gather more insight about the Pandora box.

nmap 10.129.210.204 -sV -sC -oA pandora

The box surprisingly returned nothing of interest. A thorough check on the port 80 website also suggests that there is nothing to tinker with. ...

April 19, 2024 · 4 min · 717 words
Broker

HTB Box - Broker (Linux) Writeup

Welcome to my first CTF walkthrough write-up. This is going to be a series where I will be doing CTFs in preparation for OSCP.

Initial Foothold

Broker is a Linux machine. To better understand the machine, I did an Nmap scan for quick reconnaissance.

nmap <ip-address> -sC -sV -oA broker

The scan quickly reveals that the target is an ActiveMQ instance hosted with an nginx server. ActiveMQ is an open-source message broker (I see what you did there HTB) service written in Java to share data asynchronously between systems. In other words, one can think of it as a traffic system, but instead of cars, it regulates the flow of messages (data) between different applications. ...

March 8, 2024 · 3 min · 471 words