HackTheBox - Writeup Devvortex [Retired] | allinfosecnews.com

April 27, 2024, 3:49 p.m. | Guilherme Martins

DEV Community dev.to

Hackthebox

Neste writeup iremos explorar uma máquina do hackthebox linux de leve easy chamada Devvortex. A máquina aborda as seguintes vulnerabilidades e técnicas:

Enumeração de subdominios

Análise e exploração de vulnerabilidade na CMS Joomla (CVE-XXX)

Crackeando senhas

Privilege Escalation CVE-2023-1326

Enumeração e user flag

Iremos iniciar realizando uma varredura no host alvo a procura de portas abertas, para isso vamos utilizar o nmap:

┌──(root㉿kali)-[/home/…/hackthebox/machines-linux/unobtainium/kubernetes]
└─# nmap -sV --open -Pn 10.129.56.108
Starting Nmap 7.93 ( https://nmap.org ) at 2023-11-25 14:06 …

cms cve cybersecurity easy escalation flag hackthebox host joomla linux privilege privilege escalation security vulnerabilities writeup

More from dev.to / DEV Community

Dependency Injection: A Straightforward Implementation in Golang 2 hours ago | dev.to

architecture backend components dependencies +14

What do you want to know about tech & open source? AMA 4 hours ago | dev.to

ama beginners discuss events +9

Value of Frida Dynamic Instrumentation to Cyber Community 10 hours ago | dev.to

applications attacks bolster community +20

Vulnerabilities: Cause for Concern 13 hours ago | dev.to

audit course everything fix +11

Welcome to the Exciting World of Zig! 🚀 17 hours ago | dev.to

compiler detect efficiency error +14

ID Document Recognition SDK by FacePlugin 20 hours ago | dev.to

airports banks businesses challenges +16

What Is Cross-Site Scripting (XSS) and How Does It Work? 20 hours ago | dev.to

attacks cross-site cross-site scripting (xss) attacks digital +26

6 hard truths about learning to code in 2024 22 hours ago | dev.to

article best practices career code +17

tough-cookie-2.4.3 Vulnerability issue 1 day ago | dev.to

angular assistance cookie critical +6

Security Engineer II, Engineering

@ Trail of Bits | Worldwide - Remote

View on infosec-jobs.com

Technical Support Engineer - Network Security

@ Ivanti | Bengaluru, India (Bagmane)

View on infosec-jobs.com

Senior Security Analyst- Container Threat and Vulnerability Management

@ Oracle | Philippines

View on infosec-jobs.com

Cybersecurity Strategy & Operations Officer (m/f/d)

@ Nordex Group | Madrid, ES, 28001

View on infosec-jobs.com

Security Administrator

@ ManTech | 201DT - 2251 Corp Park Dr, Herndon, VA

View on infosec-jobs.com

Cybersecurity Specialist

@ GFT Technologies | Sant Cugat del Vallès, B, ES, 08174

View on infosec-jobs.com