HackTheBox - Falafel - Retired Recon Let's use threader3000 for our recon scan. It's a threaded scanner written in python that does a super quick up/down scan on all TCP ports, then suggests a nmap scan based on the results. It will automatically save the nmap scan results as XML, then we can convert it to HTML xsltproc falafel.htb/falafel.htb.xml -o ./falafel.html Not a whole lot to go on here just port 80 and 22, nmap does thinking it s a linux (Ubuntu) box Port Service Version 22 OpenSSH 7.2p2 80 Apache HTTPD 2.4.18 On most hackthebox machines port 22 SSH is just a means to connect and not an attack path so let's check out port 80 and see what we see Falafellovers There is just this page and a login page Nmap said there was a robots.txt file too, let's check it out. User-agent: * Disallow: /*.txt You don't want to index .txt files huh? That really makes me want to look for .txt files. dirb http://falafel.htb -X .txt -X wi
@circusmonkey404 on the twitters; DM for contact