Skip to content

Instantly share code, notes, and snippets.

@jeremypruitt
Last active August 17, 2019 20:38
Show Gist options
  • Save jeremypruitt/0a6e7b7afbd8a63389e9be3d2e237548 to your computer and use it in GitHub Desktop.
Save jeremypruitt/0a6e7b7afbd8a63389e9be3d2e237548 to your computer and use it in GitHub Desktop.
Hack The Box - Helpline

Techniques

Tools

  • nmap

Setup

  1. Add helpline.htb to the hosts file so we can refer to the host by name
    $ echo "10.10.10.132 helpline.htb" >> /etc/hosts

Port Scan

  1. Scan for ports and services

    # Use nmap to find available TCP ports quickly
    $ helpline_tcp_ports=$( \
        nmap helpline.htb \
             -p- \
             --min-rate=1000 \
             --max-retries=2 \
             -T4 \
             -Pn \
             -oA nmap-tcp-allports \
        | grep ^[0-9] \
        | cut -d '/' -f 1 \
        | tr '\n' ',' \
        | sed s/,$// \
      )
    
    # Scan found ports for services
    $ nmap helpline.htb \
           -p ${helpline_tcp_ports} \
           -sV \
           -sC \
           -T4 \
           -Pn \
           -oA nmap-tcp-foundports
  2. Check found ports against the Vulners db/nse script

    $ nmap helpline.htb \
           -p ${helpline_tcp_ports} \
           --script=vulners \
           -Pn \
           -A \
           -T4 \
           -oA nmap-tcp-foundports-vulners

Web Enumeration: helpline.htb:80

  1. ________

    Let's start by looking for interesting URL paths:

    $ 
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment