all InfoSec news
HackTheBox - Writeup Devvortex [Retired]
April 27, 2024, 3:49 p.m. | Guilherme Martins
DEV Community dev.to
Hackthebox
Neste writeup iremos explorar uma máquina do hackthebox linux de leve easy chamada Devvortex. A máquina aborda as seguintes vulnerabilidades e técnicas:
- Enumeração de subdominios
- Análise e exploração de vulnerabilidade na CMS Joomla (CVE-XXX)
- Crackeando senhas
- Privilege Escalation CVE-2023-1326
Enumeração e user flag
Iremos iniciar realizando uma varredura no host alvo a procura de portas abertas, para isso vamos utilizar o nmap:
┌──(root㉿kali)-[/home/…/hackthebox/machines-linux/unobtainium/kubernetes]
└─# nmap -sV --open -Pn 10.129.56.108
Starting Nmap 7.93 ( https://nmap.org ) at 2023-11-25 14:06 …
cms cve cybersecurity easy escalation flag hackthebox host joomla linux privilege privilege escalation security vulnerabilities writeup
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC