This write-up details a step-by-step walkthrough of hacking into an Easy-level machine called "Nocturnal" from HackTheBox. Here's a summary of the key points:
-
The attacker started by scanning open ports using Nmap, identifying port 80 as open.
-
They accessed the web server on port 80 and found an SQLite database file named "nocturnal.db".
-
Using SQL injection techniques, they extracted usernames and hashed passwords from this database.
-
They cracked one of the password hashes using CrackStation.net to get a valid login for user "tobias".
-
By gaining SSH access as tobias, they discovered an internal web server running on port 8080 that could be accessed via SSH port forwarding.
-
The attacker then found an ISPConfig control panel running and exploited a known vulnerability (CVE-2023-46818) to gain root privileges.
-
This allowed them to access the root flag at /root/root.txt, completing the machine's challenges.
The main techniques used were:
- Port scanning
- SQL injection
- Password cracking
- SSH port forwarding
- Exploiting web application vulnerabilities
Some key takeaways
Read the full article at InfoSec Write-ups - Medium
Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.
![[AINews] The Unreasonable Effectiveness of Closing the Loop](/_next/image?url=https%3A%2F%2Fmedia.nemati.ai%2Fmedia%2Fblog%2Fimages%2Farticles%2F600e22851bc7453b.webp&w=3840&q=75)
