Htb obscurity writeup Foothold / www-data Dec 14, 2019 · Now that we are in as robert. call are used. Published in. Recon I added 10. After finding the source code from a secret directory we find that the exec call can be command injected to get a shell as www-data. htx-write-up, htb-obscurity. May 8, 2020 · HTB Obscurity Writeup by plasticuproject Obscurity is a medium difficulty box where we will leverage bad server code to inject and run commands, and take advantage of poor cryptography and leftover files to get user access. Dec 14, 2019. Hope you enjoy my write up. To get root, I’ll show four different Obscurity Writeup HTB. One’s a really simple way and other… Writeups for all the HTB machines I have done. txt Version scan reports following information. 3. htb’. vulnerability-paper / htb / HTB_Obscurity渗透测试. Avec ce mot de passe, nous pouvons maintenant nous connecter en tant qu'utilisateur «robert» et lire le fichier user. From there we take advantage of sudo privileges and a poorly executed program to read the root. 07. May 9, 2020 · Welcome to the Obscruity write-up! This was a medium-difficulty Linux box and required players to find a flaw in the python-based web server to gain the initial access. 12 April 2020 · 1004 words · 5 mins · loading · loading · Like · HTB htb writeup. 10. Dec 9, 2021 2021-12-09T00:00:00+07:00 by Hoang Nguyen . If custom scripts are mentioned in the write up, it can also be found in the corresponding folder. Information Gathering. 14. 6 while I did this. HackTheBox Writeups. md Feb 13, 2025 · Writeup on HTB Season 7 EscapeTwo. We see that the box domain is obscure. In case you want to read my write-up on it, then see the following PDF document (password protected with the HTB flag): HackTheBox/Obscure_Forensics_Write-up. txt as input and check. Apr 5, 2020 2020-04-05T00:00:00+08:00 Hack The Box Write Up - Registry. Now that we found there are two ways to do this. We finally get root by exploiting a race condition in a Posts Hackthebox Obscurity Writeup. @0x0000005. May 14, 2020 · By analyzing what the code does, one can see that it takes a file as input and a key and ciphers that file, is possible to observe as well we can provide a ciphered file and it’s correspondant plain text file in decrypt mode as key, which will give back the key that was used… Then we proceed to execute the script with out. txt file. 168’ and I added it to ‘/etc/hosts’ as ‘obscurity. Welcome to the Obscruity write-up! This was a medium-difficulty Linux box and required players to find a flaw in the python-based web… Mar 16, 2020 · HTB Obscurity writeup# HackTheBox Obscurity machine write up, easy Linux machine. The box starts with web-enumeration, where we have to fuzz for a secret diretory to leak the source code of the server. Obscurity es una máquina basada en Linux que estuvo activa desde el 30 de Noviembre del 2019 hasta el 9 de Mayo del 2019, tal como su nombre lo indica es una maquina donde se trata de la seguridad basada en la oscuridad, en este caso tendremos que leer múltiples programas escritos en Feb 17, 2020 · Hi mate, I have written a write-up for the recently retired JSON box. HTB Swagshop writeup. htb, I followed this up with a fast nmap scan of the top 1000 ports followed by a fast Top posts of May 11, 2020 Top posts of May 2020 Top posts of 2020 Top posts of May 2020 Top posts of 2020 May 9, 2020 · The Obscurity box has a vulnerable Python web application running. pdf at master · artikrh/HackTheBox · GitHub Obscurity - Write-up - HackTheBox 2020-08-06 On the main page there are several hints. May 9, 2020 · Read writing about Htb Obscurity in InfoSec Write-ups. ) Write up hack the box [HTB] Obscurity: accès root! May 13, 2020 · HTB Obscurity Writeup-Comments powered by Disqus. txt. Its IP address is ‘10. Reconnaissance & Enumeration Let’s start with the nmap scan nmap -Pn -n -p- obscurity. We monitor our network 24/7 and generate logs from tcpdump (we provided the log file for the period of two minutes before we terminated the HTTP service for investigation May 10, 2020 · [HTB] Obscurity — Write-up. Let’s go! Active recognition Continental Philosophy vs. write-ups, openkeys. Then we have to solve a simple crypto challenge to retrieve an encryption key that decrypts a file containing the robert user’s password. Information Gathering Nmap Jun 9, 2024 · In this write-up, we will dive into the HackTheBox seasonal machine Editorial. system, os. mov al, 11. I cloned my writeup that was originally posted on medium. htb --min-rate=1000 | grep "open" | cut -d '/' -f 1 | sort -n > port_scan. Nmap Port Scan; Nmap Script Scan; Nmap Full Port Scan May 9, 2020 · Hack The Box Machine - Obscurity. Apr 14, 2022 · Obscurity - HTB Writeup April 14, 2022 5 minute read . 610 lines (471 loc) · 27. txt` obscurity. Writeups. htb -oA version_scan PORT STATE SERVICE VERSION 22/tcp open ssh May 9, 2020 · Obscurity - Write-up - HackTheBox Saturday 9 May 2020 (2020-05-09) At least the HTB skill radar was saying it requires a lot of enumeration and is very CTF-style May 9, 2020 · Brief@obscurity:~$ The real Journey of obscurity Starts with a wfuzz on the http port 8080 by the file SupersecureServer. popen or subprocess. me/mango-htb-walkthrough/ Write up hack the box [HTB] Obscurity: user. \nMy IP address was 10. But since this date, HTB flags are dynamic and different for every user, so is not possible for us to maintain this kind of system. 168 Points 30 Os Sep 6, 2019 · Thanks for the positive feedback – glad you guys enjoyed this one. Nmap scan report for akerva. htb:8080/develop/SuperSecureServer. May 9, 2020 · Obscurity is a medium linux box by clubby789. May 8, 2020 HTB | Write-Up May 9, 2020 · Read writing about Htb Obscruity Walkthrough in InfoSec Write-ups. May 9, 2020 · The Obscurity box has a vulnerable Python web application running. 0: 514: May 10, 2020 Write up not approved Registry ? Writeups. I’ll pivot to the next user abusing a poor custom cipher to decrypt a password. It is a Linux machine on which we will carry out a SSRF attack that will allow us to gain access to the system via SSH. 2 KB master. Read more… 31 May 9, 2020 · HTB ObscurityWrite-up (Español) 09 May 2020. md May 26, 2025 · Hack The Box - HTB - Fluffy 🧸💀 HTB: Fluffy — Not Your Average Pup You thought "Fluffy" meant cute? Think again. Topic Replies Views Activity [HTB] Obscurity Write-up by bigb0ss. I Just made a python script that will url encode the payload and then execute it May 9, 2020 · Obscurity just retired today. Fnplus Club. Machines writeups until 2020 March are protected with the corresponding root flag. htx-write-up, htb May 9, 2020 · The Obscurity box has a vulnerable Python web application running. OpenKeys Write-up by T13nn3s. Table of Contents. We’ll start with enumeration Nov 11, 2024 · 文章浏览阅读4. Top. htb Hackthebox obscurity writeup. 2k次,点赞2次,收藏3次。本文详细介绍了针对Obscurity系统的渗透测试过程,包括信息收集、漏洞分析、代码审计、利用RCE漏洞获取shell权限,以及进一步获取robert用户和root权限的步骤。 Dec 12, 2020 · Every machine has its own folder were the write-up is stored. A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Hack The Box :: Forums htx-write-up. TL;DR 准备 Obscurity靶机地址:10. May 11, 2020 · wget http://obscurity. 🐾 This 3-headed beast of an Active Directory box bites HARD: • 🕵️ Nmap recon • 🪤 CVE-2025-24071 (Explorer Spoofing) • 🧲 NTLMv2 hash capture via Responder • 🧪 Certipy Shadow Magic • 🔓 ESC16 UPN spoof for full takeover From fetching user creds to Apr 6, 2020 · [HTB] Obscurity Write-up by bigb0ss. 2 days ago · RECON Port Scan Domain Details We have: Ports Overview We found some suspicious or notable ports based on the scan: Port 80 Port 80 hosts a web application that facilitates user registration and authentication: The contact form functions correctly—potentially doubling as an XSS injection point: During registration, we can specify the account type: student or teacher: However, registering as May 9, 2020 · A little about me: I’m a Jr Pentester in Toronto CA. We have some contact information. ctf english hackthebox htb vulnhub cmc Android CTF Mobile cloudflare 920 subscribers in the InfoSecWriteups community. In some cases there are alternative-ways, that are shorter write ups, that have another way to complete certain parts of the boxes. Contribute to mzfr/HackTheBox-writeups development by creating an account on GitHub. py copy We start by checking if some dangerous functions like eval, exec, os. HTB-Obscurity writeup lysecl 于 2020-02-05 12:14:14 发布 2062 收藏 文章标签: 安全 测试工程师 版权声明:本文为博主原创文章,遵循 CC Topics tagged htx-write-up. Follow. Let’s priv esc. First, Let’s start with an nmap scan of the machine. md May 8, 2020 · HackTheBox Obscurity Write-Up Obscurity is a medium difficulty box where we will leverage bad server code to inject and run commands, and take advantage of poor cryptography and leftover files to get user access. We finally get root by exploiting a race condition in a May 9, 2020 · Read writing about Python Server Side in InfoSec Write-ups. htb 0x1 www-data nmap扫描 {"payload":{"allShortcutsEnabled":false,"fileTree":{"obscurity":{"items":[{"name":"alternative-way-obscurity. The process as always: Scan –> Initial foothold –> Own User –> Own Root. 358 followers writeup for htb Heal,medium difficulty machine. txt cat port_scan. py decrypt the key for the file out. Cancel. nmap -Pn -n -sC -sV -p `cat port_scan. For the privilege escalation, I covered the automated JuicyPotato attack, the script created by TsukiCTF team :slight_smile: Enjoy! May 9, 2020 · This write-up is about the medium rated vulnerable host “OBSCURITY” on HTB, a recently retired virtual machine on HackTheBox. py. The target is a Windows Machine and rated as Easy, but honestly it feels more like a Medium difficulty box xD. 168 to /etc/hosts as obscurity. And got the exact file,Reading the file and analyzing the python code we will get a www-data shell. txt as the key, saving the output (the key May 10, 2020 · Read all stories published by InfoSec Write-ups on May 10, 2020. Further Reading. On the Our So˙ware section we can read the following: Our suite of custom so˙ware currently includes: A custom written web server Currently resolving minor stability issues; server will restart if it hangs for 30 seconds An unbreakable encryption algorithm {"payload":{"allShortcutsEnabled":false,"fileTree":{"obscurity":{"items":[{"name":"alternative-way-obscurity. I’m in love CTF’s and & HTB. Without further ado, let’s jump right in! A light nmap scan was enough to get me started: Host is up (0. Written by Harish. information@obscurity:~$ Column Details Name obscurity IP 10. md","path":"obscurity/alternative-way-obscurity. Obscurity - Methodologies. Then, we will proceed to do an user pivoting and then, as always, a Privilege Escalation. I’ll start by locating the source for the custom Python webserver, and injecting into it to get code execution and a shell. #2 HTB rank in Canada, Rank ~60 on RingZeroCTF. We finally get root by exploiting a race condition in a HTB Obscurity Writeup part 1. Posted May 9, 2020 2020-05-09T15:00:00+05:30 by Vibhu Bansal & Prerak Mittal HTB_Obscurity渗透测试. Dec 14, 2019 · Htb Obscurity Writeup----3. 0xNinja. Breadcrumbs. php). txt and using the key decrypting the passwordreminder What is the path to htb-student's home directory? Off-topic. Analytic Philosophy: Clarity, Obscurity, Argument. May 9, 2020 · Obscuirt was a medium box that centered on finding bugs in Python implementations of things - a webserver, an encryption scheme, and an SSH client. 1: 365: April 5, 2020 Step 1. 168 obscurity. https://hackso. Max. This machine’s enum and first stages to get user was a bit difficult. History. Apr 12, 2020 · 📦 HTB - Obscurity. Sub-reddit for collection/discussion of awesome write-ups from best hackers in topics ranging from… HTB-Obscurity writeup 2632; HTB-Bitlab writeup 2364; BUUCTF-CRYPTO 刷题记录(一) 1798; 大家在看 May 9, 2020 · German Write-up for Obscurity HTB - Obscurity - Secure77. Once we gain initial access with a reverse shell, then, we will need to analyze another python script that encrypts the password. md. It was an awesome scripting exercise. txt | tr '\n' ',' | sed s/,$// > port_scan. May 2022. HTB — Code (Experience May 7, 2022 · HTB write up for the oBfsC4t10n[HARD] challenge security through obscurity? lwlx. {"payload":{"allShortcutsEnabled":false,"fileTree":{"obscurity":{"items":[{"name":"alternative-way-obscurity. File Step 1. Post. 168OS:Linux 难度:中等 操作机:Kali 将靶机的ip地址加入到hosts文件中 10. Dec 9, 2021 · HackTheBox Obscurity Writeup. \n Let's put this in our hosts file: Apr 30, 2023 · Description An attacker has found a vulnerability in our web server that allows arbitrary PHP file upload in our Apache server. (Nous pouvons également utiliser le SSH avec les informations d'identification de l'utilisateur "robert". py’ in the secret development directory; Fuzzing the site to find the server source code using wfuzz: Mar 28, 2020 · Here at 0bscura, we take a unique approach to security: you can’t be hacked if attackers don’t know what software you’re using! That’s why our motto is ‘security through obscurity’; we write all our own software from scratch, even the webserver this is running on! May 8, 2020 · I recently solved the “Evaluative” coding challenge on Hack The Box (HTB) that tested my ability to efficiently evaluate a polynomial given… May 8, 2020 · What i am going to do is crafting a payload for reverse shell in python which will be url encoded and then execute the payload by obscurity. There are bunch of files in the dir /home/robert/ and using the SuperSecureCrypt. Hackthebox Obscurity Writeup. Author. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 This is the write-up for the box Obscurity that got retired at the 9th May 2020. Analyzing the source code, we see that the exec function is called with user-input, which leads to code-execution and gives us a shell in the context of www-data. 2: 565: February 13, 2021 Apr 18, 2020 · I had the most fun extracting the “juice” out of the mango. 11s latency). htb; Source code for the web server is in ‘SuperSecureServer. Suchlike, the hacker has uploaded a what seems to be like an obfuscated shell (support. Mar 16. I had lots of fun solving it, especially because I got to pwn so many custom applications. htb:8080/payload. htb -oA version_scan PORT STATE SERVICE VERSION 22/tcp open ssh . Related topics Topic Replies Views Activity [HTB] [GER] Traverxec Write-up by Secure77. baxtbkapsgectftfnxzleqmbacosnexyzrqboddjmxoafa