Skip to main content
A blog about stuff I do
A blog about stuff I do
  1. Posts/

"Pterodactyl" by Hack The Box - An "Medium" Linux Box Writeup

·150 words·1 min
Lacroix Raphaël (Chepycou)
Author
Lacroix Raphaël (Chepycou)
I’m Raphaël LACROIX, a French computer scientist developping various applications in my free time ranging from definitely useless to somewhat usefull. I also do quite a lot of Capture the flag and cybersecurity challenges. I am currently looking for a Penetration Tester position in Toulouse (or in full remote).
Table of Contents
Hack The Box Medium Boxes - This article is part of a series.
Part : This Article
Part : "Overwatch" by Hack The Box - An "Medium" Windows Box Writeup
Part : "Giveback" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Signed" by Hack The Box - A "Medium" Windows Box Writeup
Part : "Era" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Cypher" by Hack The Box - An "Medium" Linux Box Writeup
Part : "Puppy" by Hack The Box - An "Medium" Linux Box Writeup
Part : "The Frizz" by Hack The Box - An "Medium" Linux Box Writeup
Part : "Environment" by Hack The Box - An "Medium" Linux Box Writeup
Part : "Cat" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Backfire" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Heal" by Hack The Box - A "Medium" Linux Box Writeup

This box is an “Medium” Linux box by HackTheBox

User flag
#

usual first scans :

mkdir scans loot shares
nmap -A 10.129.1.189 -vvv -oA scans/first_scan
nmap -A 10.129.1.189 -vvv -p- -oA scans/full_scan
nmap -sU -A 10.129.1.189 --top-port 100 -vvv -oA scans/first_scan_udp

Outputs :

22/tcp   open   ssh        syn-ack ttl 63 OpenSSH 9.6 (protocol 2.0)
| ssh-hostkey: 
|   256 a3741ea3ad02140100e6abb4188416e0 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOouXDOkVrDkob+tyXJOHu3twWDqor3xlKgyYmLIrPasaNjhBW/xkGT2otP1zmnkTUyGfzEWZGkZB2Jkaivmjgc=
|   256 65c833177ad6523d63c3e4a960642dcc (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTXNuX5oJaGQJfvbga+jM+14w5ndyb0DN0jWJHQCDd9
80/tcp   open   http       syn-ack ttl 63 nginx 1.21.5
|_http-server-header: nginx/1.21.5
|_http-title: My Minecraft Server
| http-methods: 
|_  Supported Methods: GET HEAD POST

Let’s update our /etc/hosts

The content of this article is currently restricted due to HackTheBox’s policies. This blog post will remain private until the machine is retired. Have fun and don’t hesitate to DM me to ask questions on Discord (through the HTB Discord), Linkedin or on X ;)

In the meantime you can follow me on HTB :

Chepycou

Hack The Box Medium Boxes - This article is part of a series.
Part : This Article
Part : "Overwatch" by Hack The Box - An "Medium" Windows Box Writeup
Part : "Giveback" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Signed" by Hack The Box - A "Medium" Windows Box Writeup
Part : "Era" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Cypher" by Hack The Box - An "Medium" Linux Box Writeup
Part : "Puppy" by Hack The Box - An "Medium" Linux Box Writeup
Part : "The Frizz" by Hack The Box - An "Medium" Linux Box Writeup
Part : "Environment" by Hack The Box - An "Medium" Linux Box Writeup
Part : "Cat" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Backfire" by Hack The Box - A "Medium" Linux Box Writeup
Part : "Heal" by Hack The Box - A "Medium" Linux Box Writeup