Skip to main content

Posts

Showing posts with the label Linux

HacktheBox - DevOops - Retired

HacktheBox - DevOops - Retired Recon Let's use threader3000 for our recon scan. It's a threaded scanner written in python that does a super quick up/down scan on all TCP ports, then suggests a nmap scan based on the results. It will automatically save the nmap scan results as XML, then we can convert it to HTML xsltproc ./devops.htb/devops.htb.xml -o ./devops.html Just two ports open Port Service Version 22 OpenSSH 7.2p2 5000 Gunicorn 19.7.1 What is Gunicorn? https://gunicorn.org/ "Gunicorn 'Green Unicorn' is a Python WSGI HTTP Server for UNIX. It's a pre-fork worker model. The Gunicorn server is broadly compatible with various web frameworks, simply implemented, light on server resources, and fairly speedy" There is just some text at the top and a picture of another website…. Let's brute force this and see if we can find any other interesting things to look at on this web server. dirb http://devops.htb:5