This box is an “Easy” Linux box by HackTheBox. If you like these write-ups you can send me some love by clicking on the “respect” button on the top right of the profile page.
User flag #
Startup enumeration #
Usual first setup :
mkdir scans loot shares
nmap -A 10.10.11.64 -vvv -oA scans/first_scan.txt
nmap -A 10.10.11.64 -p- -oA scans/full_scan.txt
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.12 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 3072 20:26:88:70:08:51:ee:de:3a:a6:20:41:87:96:25:17 (RSA)
| 256 4f:80:05:33:a6:d4:22:64:e9:ed:14:e3:12:bc:96:f1 (ECDSA)
|_ 256 d9:88:1f:68:43:8e:d4:2a:52:fc:f0:66:d4:b9:ee:6b (ED25519)
80/tcp open http nginx 1.18.0 (Ubuntu)
|_http-server-header: nginx/1.18.0 (Ubuntu)
|_http-title: Welcome to Nocturnal
| http-cookie-flags:
| /:
| PHPSESSID:
|_ httponly flag not set
The content of this article is currently restricted due to HackTheBox’s policies. This blog post will remain private until the machine is retired.
Have fun and don’t hesitate to DM me to ask questions on the HTB discord ;)
