Backdoor - HackTheBox
Welcome file Welcome to the another CTF challenge from HackTheBox. What we can learn from the machine. Linux enumeration Directory traversal Exploiting unprotected screen session Let’s start with nmap scan. Nmap Scan Result ┌── ( defalt@kali ) - [ ~ ] └─$ nmap -sC -sV -p- -Pn -A 10.10.11.125 Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-20 17:32 PDT Nmap scan report for 10.10.11.125 Host is up ( 0.051s latency ) . Not shown: 65532 closed tcp ports ( conn-refused ) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 ( Ubuntu Linux ; protocol 2.0 ) | ssh-hostkey: | 3072 b4:de:43:38:46:57:db:4c:21:3b:69:f3:db:3c:62:88 ( RSA ) | 256 aa:c9:fc:21:0f:3e:f4:ec:6b:35:70:26:22:53:ef:66 ( ECDSA ) | _ 256 d2:8b:e4:ec:07:61:aa:ca:f8:ec:1c:f8:8c:c1:f6:e1 ( ED25519 ) 80/tcp open http Apache httpd 2.4.41 (( Ubuntu )) | _http-server-header: Apache/2.4.41 ( Ubuntu ) | _http-generator: WordPress 5.8.1 | _http-title: Backdoor