Skip to main content
A blog about stuff I do
  1. Posts/

"MonitorsFour" by Hack The Box - An "Easy" Windows Box Writeup

·162 words·1 min
Lacroix Raphaël (Chepycou)
Author
Lacroix Raphaël (Chepycou)
I’m Raphaël LACROIX, a French computer scientist developping various applications in my free time ranging from definitely useless to somewhat usefull. I also do quite a lot of Capture the flag and cybersecurity challenges. I am currently looking for a Penetration Tester position in Toulouse (or in full remote).
Table of Contents
Hack The Box Easy Boxes - This article is part of a series.
Part : This Article
Part : "Code Part Two" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Conversor" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Editor" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Artificial" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Code" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Fluffy" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Dog" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Titanic" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Planning" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Underpass" by Hack The Box - An Easy Linux Box Writeup
Part : "Nocturnal" by Hack The Box - An Easy Linux Box Writeup

This box is an “Easy” Windows box by HackTheBox

User flag
#

usual first scans :
# 

mkdir scans loot shares
nmap -A 10.129.11.69 -vvv -oA scans/first_scan
nmap -A 10.129.11.69 -vvv -p- -oA scans/full_scan
nmap -sU -A 10.129.11.69 --top-port 100 -vvv -oA scans/first_scan_udp

80/tcp   open  http    syn-ack ttl 127 nginx
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-title: Did not follow redirect to http://monitorsfour.htb/
5985/tcp open  http    syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-title: Not Found
|_http-server-header: Microsoft-HTTPAPI/2.0

Looks like a regular Windows box with some web and a winRM port, let’s edit the /etc/hosts file and go check out the web :

The content of this article is currently restricted due to HackTheBox’s policies. This blog post will remain private until the machine is retired. Have fun and don’t hesitate to DM me to ask questions on Discord (through the HTB Discord), Linkedin or on X ;)

In the meantime you can follow me on HTB :

Chepycou

Hack The Box Easy Boxes - This article is part of a series.
Part : This Article
Part : "Code Part Two" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Conversor" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Editor" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Artificial" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Code" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Fluffy" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Dog" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Titanic" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Planning" by Hack The Box - An "Easy" Linux Box Writeup
Part : "Underpass" by Hack The Box - An Easy Linux Box Writeup
Part : "Nocturnal" by Hack The Box - An Easy Linux Box Writeup