HackTheBox - Bank - Retired - Update

Recon

I've been using threader3000 to run my recon scans lately. It does a super fast up/down scan on all TCP ports, then suggests an Nmap scan based only on the ports that were up in the first scan. It also automatically saves the Nmap results out to an XML file, which I then convert to HTML to make it pretty.

    xsltproc ./bank.htb/bank.htb.xml -o ./bank.html

Looks like we have just three open ports: 22, 53 and 80. Nmap thinks the box is Ubuntu.

Port  Product  Version
22    OpenSSH  6.6.1p1
53    BIND     9.9.5-3
80    Apache   2.4.7

Let's start with port 80 and see what it might be serving us. A login form for HTB Bank is what we see when we browse to the server.

Let's brute force the directories to see if we can find any other pages being served. I used dirbuster and the /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt wordlist. Eventually I saw this directory it found: /balance-transfer/

When
@circusmonkey404 on the twitters; DM for contact
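
The Recon step saves the Nmap results as XML and then reads a port/product/version table off the HTML report. As an added example (not code from the original post), the sketch below pulls that table straight from the XML; the embedded scan data, the address and the names `open_services` and `render` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout of nmap's XML output (-oX).
# Ports and versions mirror the table in the post; the address is a placeholder.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="6.6.1p1"/></port>
      <port protocol="tcp" portid="53"><state state="open"/>
        <service name="domain" product="BIND" version="9.9.5-3"/></port>
      <port protocol="tcp" portid="80"><state state="open"/>
        <service name="http" product="Apache" version="2.4.7"/></port>
      <port protocol="tcp" portid="443"><state state="closed"/></port>
    </ports>
  </host>
</nmaprun>"""


def open_services(xml_text):
    """Return sorted (port, product, version) tuples for ports reported open."""
    rows = []
    root = ET.fromstring(xml_text)
    for port in root.iterfind("./host/ports/port"):
        state = port.find("state")
        if state is None or state.get("state") != "open":
            continue  # skip closed/filtered ports
        svc = port.find("service")
        # Version detection can fail, leaving no <service> or empty attributes.
        product = svc.get("product", "") if svc is not None else ""
        version = svc.get("version", "") if svc is not None else ""
        rows.append((int(port.get("portid")),
                     product or "unknown", version or "unknown"))
    return sorted(rows)


def render(rows):
    """Format the rows as a fixed-width Port/Product/Version table."""
    lines = [f"{'Port':<6}{'Product':<10}Version"]
    lines += [f"{p:<6}{prod:<10}{ver}" for p, prod, ver in rows]
    return "\n".join(lines)


if __name__ == "__main__":
    print(render(open_services(SAMPLE_XML)))
```
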