all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

HackTheBox - Writeup Devvortex [Retired]

Add to bookmarks
April 27, 2024, 3:49 p.m. | Guilherme Martins

DEV Community dev.to




Hackthebox


Neste writeup iremos explorar uma máquina do hackthebox linux de leve easy chamada Devvortex. A máquina aborda as seguintes vulnerabilidades e técnicas:



  • Enumeração de subdominios

  • Análise e exploração de vulnerabilidade na CMS Joomla (CVE-XXX)

  • Crackeando senhas

  • Privilege Escalation CVE-2023-1326





Enumeração e user flag


Iremos iniciar realizando uma varredura no host alvo a procura de portas abertas, para isso vamos utilizar o nmap:



┌──(root㉿kali)-[/home/…/hackthebox/machines-linux/unobtainium/kubernetes]
└─# nmap -sV --open -Pn 10.129.56.108
Starting Nmap 7.93 ( https://nmap.org ) at 2023-11-25 14:06 …

cms cve cybersecurity easy escalation flag hackthebox host joomla linux privilege privilege escalation security vulnerabilities writeup

Visit resource

More from dev.to / DEV Community

Keyoxide/Ariadne Identity Verification 41 minutes ago | dev.to
account control dev fingerprint +7
Unleash The Power of Azure: Creating A Linux VM with SSH keys Security. an hour ago | dev.to
access azure cloud cloudengineering +22
Use CloudFlare Workers and D1 to Create a Completely Free CRUD API 3 hours ago | dev.to
api backenddevelopment cdn cloud +24
IOT Raspberry Pi using Azure 4 hours ago | dev.to
above account azure azurefunctions +16
Build a password manager with Rust - Part 2 12 hours ago | dev.to
application article build can +13
Security Features in Push Protocol: Ensuring Safe Communication 13 hours ago | dev.to
applications blockchain communication dapps +13
Day 2 of 30 13 hours ago | dev.to
beginners challenge concepts dev +10
@Qualifier 14 hours ago | dev.to
dependency framework injection spring +1
Securing your data 14 hours ago | dev.to
age business can compliance +21

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com