Hey folks, today we have one of HackTheBox machines “Time” which medium level, let’s take a look at its info

What we will do ?

As usual, we have some steps which we follow to pwn any machine, our steps are:

  1. Scanning
  2. Gaining Access
  3. Maintaining Access
  4. Reporting / Analysis

1. Information Gathering

In this step we aim to collect all these informations, which we can collect on a specific target like its open ports, security mode of login systems, directories, OS version, services versions, etc

2. Scanning

In this step we aim to scan all collected info from the previous one.

The error

3. Gaining Access

It works locally as you will see in the repo but after understanding the methodology of it you can edit the execution method to make it remotely, and to be honest, I asked my friend also about it :)

Request inject.sql file from the attacker machine

4. Maintaining Access

For this step I’ve performed multiple tasks to get the root privileges:

  1. Use Exploit-Suggester tools to discover the kernel vulnerabilities
  2. Use automation tools to perform multiple tasks like linPEAS or linenum
  3. Use PsPy to listen for the executed processes to watch and note if there’s any process can lead me to the root flag

Congrats ❤

Stay in touch

LinkedIn | GitHub | Twitter

Offensive Security Enthusiast