all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

HTB, Solidstate user and root pwn

Add to bookmarks
Jan. 18, 2023, 1:32 p.m. | edoubleu

System Weakness - Medium systemweakness.com

Let’s jump in from the perspective of a scriptkiddy

Running Nmap gets the results below

 sudo nmap -sC -sV -v -T4 -sT <Target IP>
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u1 (protocol 2.0)
| ssh-hostkey: 
| 2048 770084f578b9c7d354cf712e0d526d8b (RSA)
| 256 78b83af660190691f553921d3f48ed53 (ECDSA)
|_ 256 e445e9ed074d7369435a12709dc4af76 (ED25519)
25/tcp open smtp?
|_smtp-commands: Couldn't establish connection on port 25
80/tcp open http Apache httpd 2.4.25 ((Debian))
| http-methods: 
|_ Supported Methods: POST OPTIONS HEAD GET
|_http-server-header: Apache/2.4.25 (Debian) …

apache debian ecdsa ed25519 head header home htb http httpd infosec nmap openssh options perspective port protocol results root rsa server service smtp solid ssh state sudo target tcp

Visit resource

More from systemweakness.com / System Weakness - Medium

IDOR Attacks Demystified: How They Work and How to Prevent Them 11 hours ago | systemweakness.com
attacks business compromise confidentiality +13
How does Single Sign-on (SSO) interact with Active Directory (AD) and Outlook? 11 hours ago | systemweakness.com
access active directory applications authentication +15
OSI Model & TCP/IP Comparison 11 hours ago | systemweakness.com
access communication deals frameworks +14
First AD home lab 1 day, 7 hours ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 1 day, 7 hours ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 2 days, 6 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 2 days, 6 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 2 days, 6 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 2 days, 6 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs