OpenAdmin – Hack The Box

Here are some tips for the OpenAdmin machine.

  1. Nmap for network scanning.
  2. Scanning directories.
  3. Look for exploits based on the version.
  4. Search for a list of users through /etc/passwd.
  5. Enumeration is very important; the config file is worth noting.
  6. SSH lets you log in as a user.
  7. Perform basic enumeration, such as looking at the connections open on the machine.
  8. Tunneling is very helpful for viewing the web page, although this can also be done with cURL from inside the machine itself.
  9. Do you know where the web directory is located? Maybe there is something there that can change the status of your user.
  10. ssh2john will help you; then crack it using John the Ripper.
  11. Log in using the passphrase and key file obtained previously.
  12. When it comes to SUID, surely you already know what to do.