all InfoSec news
Write-up of the Blocky machine from HTB
April 24, 2023, 2:11 p.m. | Echo_Slow
InfoSec Write-ups - Medium infosecwriteups.com
Today I’ll take a look at Blocky, where we will explore the easy-rated machine inspired by Minecraft.
Short Summary
- Nmap enumeration for open ports
- Directory busting for additional information
- Reversing a java.Class
- Password reuse, and multiple initial access paths
- Simple privilege escalation via sudo -l
Enumeration
We run a port scan with the following command:
sudo nmap -p- -T4 --min-rate 2500 10.10.10.37
and find the following ports open:
PORT STATE SERVICE REASON
21/tcp open ftp syn-ack ttl 63
22/tcp …
credential stuffing enumeration hackthebox htb machine privilege escalation reversing write-up
More from infosecwriteups.com / InfoSec Write-ups - Medium
Honeypots 101: A Beginner’s Guide to Honeypots
3 days, 6 hours ago |
infosecwriteups.com
No Dev Team? No Problem: Writing Malware and Anti-Malware With GenAI
3 days, 18 hours ago |
infosecwriteups.com
Devvortex Hackthebox Walkthrough
4 days, 7 hours ago |
infosecwriteups.com
Port Scanning for Bug Bounties
4 days, 7 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
Financial Crimes Compliance - Senior - Consulting - Location Open
@ EY | New York City, US, 10001-8604
Software Engineer - Cloud Security
@ Neo4j | Malmö
Security Consultant
@ LRQA | Singapore, Singapore, SG, 119963
Identity Governance Consultant
@ Allianz | Sydney, NSW, AU, 2000
Educator, Cybersecurity
@ Brain Station | Toronto
Principal Security Engineer
@ Hippocratic AI | Palo Alto