hackthebox Medium

Example Box

web sqli privesc linux

Overview

This is a placeholder writeup for an example HackTheBox machine. Replace this with your actual writeup content.

Enumeration

Nmap Scan

1

nmap -sC -sV -oN nmap/initial 10.10.10.x

Discovered open ports:

  • 22 - SSH (OpenSSH 8.9)
  • 80 - HTTP (Apache 2.4)

Web Enumeration

Browsing to port 80 reveals a login page. Running gobuster against it:

1

gobuster dir -u http://10.10.10.x -w /usr/share/wordlists/dirb/common.txt

Foothold

Details of the initial access vector would go here.

Privilege Escalation

Details of the privesc path would go here.

Lessons Learned

  • Key takeaways from this box
  • New techniques or tools discovered