Hack The Box — Time

What we will do ?

  1. Recon / Information gathering
  2. Scanning
  3. Gaining Access
  4. Maintaining Access
  5. Reporting / Analysis

1. Information Gathering

2. Scanning

The error

3. Gaining Access

Request inject.sql file from the attacker machine

4. Maintaining Access

  1. Enumerate the directories and files for any leaked data
  2. Use Exploit-Suggester tools to discover the kernel vulnerabilities
  3. Use automation tools to perform multiple tasks like linPEAS or linenum
  4. Use PsPy to listen for the executed processes to watch and note if there’s any process can lead me to the root flag

Congrats ❤

Stay in touch




Offensive Security Enthusiast — twitter @eslam3kll

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} The Sex Game Hack Free Resources Generator

{UPDATE} Bind free - addictive puzzle game Hack Free Resources Generator

Getting your privacy acronyms and their requirements rights: GDPR, CCPA, LGPD, PoPI

Hack The Box — PopCorn

Celebrating $100 for 100 Giveaway!

How to Check a Country’s European Union Membership in Node.JS

Test a URL for SSRF Attacks in PHP

{UPDATE} Dr. King Zoo Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Eslam Akl

Eslam Akl

Offensive Security Enthusiast — twitter @eslam3kll

More from Medium

Personal CVE-ID Migration Project

My First Blind SQL Injection

Hack the Box — Beep Writeup