all InfoSec news
HackTheBox - Writeup Devvortex [Retired]
April 27, 2024, 3:49 p.m. | Guilherme Martins
DEV Community dev.to
Hackthebox
Neste writeup iremos explorar uma máquina do hackthebox linux de leve easy chamada Devvortex. A máquina aborda as seguintes vulnerabilidades e técnicas:
- Enumeração de subdominios
- Análise e exploração de vulnerabilidade na CMS Joomla (CVE-XXX)
- Crackeando senhas
- Privilege Escalation CVE-2023-1326
Enumeração e user flag
Iremos iniciar realizando uma varredura no host alvo a procura de portas abertas, para isso vamos utilizar o nmap:
┌──(root㉿kali)-[/home/…/hackthebox/machines-linux/unobtainium/kubernetes]
└─# nmap -sV --open -Pn 10.129.56.108
Starting Nmap 7.93 ( https://nmap.org ) at 2023-11-25 14:06 …
cms cve cybersecurity easy escalation flag hackthebox host joomla linux privilege privilege escalation security vulnerabilities writeup
More from dev.to / DEV Community
ID Document Recognition SDK by FacePlugin
20 hours ago |
dev.to
6 hard truths about learning to code in 2024
22 hours ago |
dev.to
Jobs in InfoSec / Cybersecurity
Security Engineer II, Engineering
@ Trail of Bits | Worldwide - Remote
Technical Support Engineer - Network Security
@ Ivanti | Bengaluru, India (Bagmane)
Senior Security Analyst- Container Threat and Vulnerability Management
@ Oracle | Philippines
Cybersecurity Strategy & Operations Officer (m/f/d)
@ Nordex Group | Madrid, ES, 28001
Security Administrator
@ ManTech | 201DT - 2251 Corp Park Dr, Herndon, VA
Cybersecurity Specialist
@ GFT Technologies | Sant Cugat del Vallès, B, ES, 08174