SecWalk.com

Retired HTB Walkthroughs

  • HTB Walkthrough Book 10.10.10.176
    Summary Foothold After the Nmap scan we see there are only 2 ports open. after poking around we discover the sign up page is vulnerable to an SQL truncation Attack User Once we are logged into the admin and normal site we discover an XSS vulnerability, cause this vulnerability we were able to get the […]
  • HTB Walkthrough ForwardSlash 10.10.10.183
    Summary Foothold after some web enumeration we find out there is a backup site which still contains a LFI, after looking around we see there is a dev folder which contains a index.php file, in that file we were able to find credentials. User after successful login we still need to become another user to […]
  • HTB Walkthrough Tabby 10.10.10.194
    Summary Tabby is launched on the 20th of June and is rated as an Easy Box. Foothold Nmap shows there are only 3 ports open, 22,80,8080. on port 80 we see a webpage that is vulnerable to LFI User After finding the LFI and the right file we get credentials for the tomcat server which […]
  • HTB Walkthrough ServMon 10.10.10.184
    Servmon has been released on 11th of April and has been retired on 20th of June. Servmon is an Easy rated machine. Foothold First we see we have anonymous access to FTP, there is a file that mentions there should be a passwords.txt on the desktop of nathan, after the web enumeration we find out […]
  • HTB Walkthrough Dyplesher 10.10.10.190
    Summary Dyplesher is released on 23 th of may in 2020 Foothold This machine was insane rated. in order to gain a foothold we had to dump .git folder. User After a lot of enumeration and a few logins we finally arrived to the login page where we can upload a malicious plugin so we […]