๋ณธ๋ฌธ ๋ฐ”๋กœ๊ฐ€๊ธฐ
  • Tried. Failed. Logged.
728x90

๐ŸดCTF/Hack The Box3

Hack The Box - Busqueda Writeup SynopsisBusqueda is an Easy Difficulty Linux machineinvolves exploiting a command injection vulnerability present in a python module.By leveraging this vulnerability(์ด ์ทจ์•ฝ์ ์„ ์ด์šฉํ•˜์—ฌ), we gain user-level access to the machine.To escalate privileges to root, we discover credentials within a Git config file, allowing us to log into a local Gitea service.Additionally(์ถ”๊ฐ€์ ์œผ๋กœ), we uncover that a system che.. 2025. 4. 16.
Hack The Box - Archetype Writeup(2) ์ง์ ‘ ๊ฐ€์ƒ๋จธ์‹ ์—์„œ openvpn์„ ํ†ตํ•ด ํƒ€์ผ“ ๋จธ์‹ ๊ณผ ํ†ต์‹ ์ด ๊ฐ€๋Šฅํ•˜๊ฒŒ ๋งŒ๋“ค์–ด ์ฃผ์—ˆ์Šต๋‹ˆ๋‹ค. ์ด์ „์— ๋ง‰ํ˜”๋˜ ์ธํ„ฐ๋„ท ํ†ต์‹ ์ด ์ด์   ๊ฐ€๋Šฅํ•ด์กŒ์Šต๋‹ˆ๋‹ค.  Task 4. What script from Impacket collection can be used in order to establish an authenticated connection to a Microsoft SQL Server?(Microsoft SQL Server์— ์ธ์ฆ๋œ ์—ฐ๊ฒฐ์„ ์„ค์ •ํ•˜๊ธฐ ์œ„ํ•ด Impacket ์ปฌ๋ ‰์…˜์˜ ์–ด๋–ค ์Šคํฌ๋ฆฝํŠธ๋ฅผ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋‚˜์š”?)  ๋ฌธ์ œ๊ฐ€ ์ดํ•ดํ•˜๊ธฐ ์–ด๋ ค์šธ ๊ฒฝ์šฐ ๋งจ ์ƒ๋‹จ์— ํžŒํŠธ๊ฐ€ ์ ํžŒ pdf ํŒŒ์ผ์„ ํ™•์ธํ•  ์ˆ˜ ์žˆ๋Š” ๋ฒ„ํŠผ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๊ฑธ ๋ˆŒ๋Ÿฌ ์ฐธ๊ณ ํ•˜์„ธ์š”.  ๋ณด์•„ํ•˜๋‹ˆ mssqlclient.py๋ฅผ ํ†ตํ•ด MSSQL ์„œ๋ฒ„์— ์ ‘์†์ด ๊ฐ€๋Šฅํ•œ๊ฐ€.. 2024. 3. 4.
Hack The Box - Archetype Writeup(1) Task 1. Which TCP port is hosting a database server?(๋ฐ์ดํ„ฐ๋ฒ ์ด์Šค ์„œ๋ฒ„์˜ ํฌํŠธ ๋ฒˆํ˜ธ๋Š” ๋ฌด์—‡์ธ๊ฐ€?) ์ •๋ณด ์ˆ˜์ง‘์„ ์œ„ํ•ด ํฌํŠธ ์Šค์บ๋„ˆ(nmap)๋ฅผ ์‚ฌ์šฉํ•ด ๋Œ€์ƒ(10.129.44.107)์ด ๊ฐœ๋ฐฉํ•œ ํฌํŠธ๋ฅผ ์Šค์บ”ํ•ฉ๋‹ˆ๋‹ค.  nmap -sC -sV 10.129.44.107 ์Šค์บ” ๊ฒฐ๊ณผ ๋Œ€์ƒ์ด SMB(135, 139, 445)์™€ MS-SQL ์„œ๋ฒ„๊ฐ€ ํ™œ์„ฑํ™”๊ฐ€ ๋œ ๊ฒƒ์„ ๋ณผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.  ๋ช…๋ น์–ด ์˜ต์…˜(-sC, -sV) ์„ค๋ช…์€ ์•„๋ž˜์™€ ๊ฐ™์Šต๋‹ˆ๋‹ค.   ๋ฌธ์ œ1 ์ •๋‹ต์€ 1433  Task 2. What is the name of the non-Administrative share available over SMB?(SMB์—์„œ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋Š” ๋น„๊ด€๋ฆฌ์ž ๊ณต์œ ์˜ ์ด๋ฆ„์€ ๋ฌด์—‡์ธ๊ฐ€์š”? ) ๋ฆฌ๋ˆ…์Šค์—๋Š” s.. 2024. 2. 28.
728x90

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”