Hackthebox.eu - Retired - October Recon As always I start with a simple UP/Down scan on all TCP ports to see what is live. # nmap -T 4 -p- -oX /root/Desktop/HTB/October/nmapb.xml october.htb Then I convert the output to HTML to make it pretty xsltproc /root/Desktop/HTB/October/nmapb.xml -o /root/Desktop/HTB/October/nmapb.html Not much open just 22 and 80 Let's scan those ports with -A to try to finger OS/Services # nmap -T 4 -p22,80 -A -oX /root/Desktop/HTB/October/nmapf.xml october.htb Then convert that to HTML too Let's see what is on port 80 A quick google search around for october CMS we see a lot of authenticated attack vectors. Let's see if we can create an account. Exploit Just filling in some generic things, I set the password to "password" (BTW test@test.com said it was already taken) Now it wants us to change the password I changed the password to Password1. After doing this I don't think this step was
@circusmonkey404 on the twitters; DM for contact