Persecure : my learning archive

,

HTB Devel

https://app.hackthebox.com/machines/Devel

Run a nmap scan to find for open ports.

Webserver shows the IIS7 service.

Login to the FTP server via anonymous

It is a asps webserver , we can craft a reverse shell and put it inside the server.

Use msfvenom to create a payload.

Upload the payload via the FTP server.

Start a netcat listener and reload the reverse shell in the browser.

We can search an exploit for wndows 6.1.7600
Download the exploit

Upload it to the FTP server

Move to the inetpub\wwwroot directory to find the upload.

Run the exploit and root is gained.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Comments (

0

)

%d bloggers like this: