all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Grandpa HTB — user and system pwn

Add to bookmarks
Jan. 17, 2023, 8:02 p.m. | edoubleu

System Weakness - Medium systemweakness.com

Grandpa HTB — user and system pwn

Let’s jump in from the perspective of a scriptkiddy

Nmap scan reveals an open HTTP port

PORT   STATE SERVICE VERSION
80/tcp open  http    Microsoft IIS httpd 6.0
|_http-title: Under Construction
|_http-server-header: Microsoft-IIS/6.0
| http-methods: 
|   Supported Methods: OPTIONS TRACE GET HEAD COPY PROPFIND SEARCH LOCK UNLOCK DELETE PUT POST MOVE MKCOL PROPPATCH
|_  Potentially risky methods: TRACE COPY PROPFIND SEARCH LOCK UNLOCK DELETE PUT MOVE MKCOL PROPPATCH
| http-webdav-scan: 
|   Server Type: Microsoft-IIS/6.0 …

construction copy delete head header htb http httpd iis infosec lock microsoft options perspective scan search server service state system tcp trace under unlock webdav

Visit resource

More from systemweakness.com / System Weakness - Medium

NESA Cybersecurity Standards of UAE — An Overview 3 days, 12 hours ago | systemweakness.com
authority called compliance critical +23
Analytics Write-Up 3 days, 12 hours ago | systemweakness.com
ctf-writeup hackthebox htb-writeup infosec +1
SSL certificate chain and how it’s verification works in browser (when misconfigured in server) but 3 days, 12 hours ago | systemweakness.com
ssl ssl-certificate-chain
Cybersecurity Insights: Adversarial Machine Learning Demystified 3 days, 12 hours ago | systemweakness.com
adversarial ai applications artificial intelligence +14
Best Open Source Software for Cybersecurity 3 days, 12 hours ago | systemweakness.com
analysis applications best of can +24
Boosting Website Security: Implementing SSL Termination on Your HAProxy Load Balancer. 5 days, 15 hours ago | systemweakness.com
encryption haproxy ssl certificate web development +1
THM: Gaining Access to the Library Server 5 days, 18 hours ago | systemweakness.com
thm-writeup
Setting Up a Local Kubernetes Cluster with Minikube and Deploying a Web Application 6 days, 11 hours ago | systemweakness.com
kubectl kubernetes minikube virtualbox +1
TestDisk in Linux and recover deleted files 6 days, 11 hours ago | systemweakness.com
data deleted-files-recovery linux recovery

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Deputy Chief Information Security Officer

@ City of Philadelphia | Philadelphia, PA, United States
View on infosec-jobs.com

Global Cybersecurity Expert

@ CMA CGM | Mumbai, IN
View on infosec-jobs.com

Senior Security Operations Engineer

@ EarnIn | Mexico
View on infosec-jobs.com

Cyber Technologist (Sales Engineer)

@ Darktrace | London
View on infosec-jobs.com
View more jobs