HackTheBox - Retired - Poison Recon I've been using threader lately to do my initial scanning. It's a threaded scanner written in python by Joe Helle https://twitter.com/joehelle You just supply an IP and it does a quick threaded up/down scan on all TCP ports and then pipes the results into a nmap scan for you. And saves the outputs as xml for you too Which I then convert the nmap output to HTML to make it a bit easier to digest xsltproc 10.10.10.84.xml -o poison.html Not much open here just port 80 and 22 Port 80 Apache 2.4.29 Port 22 OpenSSH 7.2 Well we know we will need a password for ssh or a key at least, let's look at 80 to see what it's serving up. I'll add poison.htb to my /etc/hosts to make it a be easier A temporary website to test local. Php scripts….. This sounds really promising to get a foothold here. So here it states there are 4 files that can be tested. 1st thing I did was try not supplying a script. Caught an error about the filename b
@circusmonkey404 on the twitters; DM for contact