Thursday-Snack on Shivasuryahttp://shivasurya.me/categories/thursday-snack/Recent content in Thursday-Snack on ShivasuryaHugoen-usFri, 24 Feb 2023 00:00:00 +0000HackTheBox Jerry Writeup - OSCP Practicehttp://shivasurya.me/2023/02/24/hackthebox-jerry-writeup-oscp/Fri, 24 Feb 2023 00:00:00 +0000http://shivasurya.me/2023/02/24/hackthebox-jerry-writeup-oscp/<h3 id="quick-overview">Quick Overview</h3> <p><a href="https://app.hackthebox.com/machines/144">Jerry</a> is one of the Windows Box from <a href="https://docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview#">TJNull OSCP Practice list</a>. It&rsquo;s one of those quite easy machine where you get initial foothold &amp; privilege escalation in a single hop.</p> <p><img src="http://shivasurya.me/assets/media/htb-jerry-logo.jpg" alt="Jerry VM - HacktheBox Logo"></p> <h3 id="enumeration">Enumeration</h3> <h4 id="nmapautomator">NMapAutomator</h4> <p>Started with enumerating the target with <a href="https://github.com/21y4d/nmapAutomator"><code>NMapAutomator</code></a> script since it helps in automating all possible ports with vulnerability scripts from <code>nmap</code>. Additionally, <code>NmapAutomator</code> can help in recon process using <code>ffuf</code>, <code>nikto</code>, <code>DNSRecon</code>, <code>SMB</code> enumeration.</p>HackTheBox Bashed Writeup - OSCP Practice Listhttp://shivasurya.me/2023/02/14/hackthebox-bashed-writeup-oscp/Tue, 14 Feb 2023 00:00:00 +0000http://shivasurya.me/2023/02/14/hackthebox-bashed-writeup-oscp/<h3 id="quick-overview">Quick Overview</h3> <p><a href="https://app.hackthebox.com/machines/118">Bashed</a> Box is one of the Linux Box from <a href="https://docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview#">TJNull OSCP Practice list</a>. It&rsquo;s one of those quite easy machine where you get initial foothold in one hop and privilege escalation in second hop.</p> <p><img src="http://shivasurya.me/assets/media/htb-bashed-logo.jpg" alt="Bashed VM - HacktheBox Logo"></p> <h3 id="enumeration">Enumeration</h3> <h4 id="nmapautomator">NMapAutomator</h4> <p>Started with enumerating the target with <a href="https://github.com/21y4d/nmapAutomator"><code>NMapAutomator</code></a> script since it helps in automating all possible ports with vulnerability scripts from <code>nmap</code>. Additionally, <code>NmapAutomator</code> can help in recon process using <code>ffuf</code>, <code>nikto</code>, <code>DNSRecon</code>, <code>SMB</code> enumeration.</p>