Post

Planning 🔒

La maquina Planning esta activa. Este artĂ­culo se publicarĂĄ para acceso pĂșblico una vez que la maquina se retire, segĂșn la polĂ­tica de HackTheBox.

Posted
Preview Image
By litio7
1 min read
Planning 🔒

Machine Information

As is common in real life pentests, you will start the Planning box with credentials for the following account: admin / 0D5oT70Fq13EvB5r

Information Gathering

El anĂĄlisis inicial comienza con el comando ping para confirmar la accesibilidad de la mĂĄquina objetivo en la red.

1
2
3
4
5
6
7

/home/kali/Documents/htb/machines/planning:-$ ping -c 1 10.10.11.68
PING 10.10.11.68 (10.10.11.68) 56(84) bytes of data.
64 bytes from 10.10.11.68: icmp_seq=1 ttl=63 time=180 ms

--- 10.10.11.68 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 180.424/180.424/180.424/0.000 ms

Realizo un escaneo agresivo de puertos con nmap, lo que me permite identificar rĂĄpidamente todos los puertos abiertos.

1
2
3

/home/kali/Documents/htb/machines/planning:-$ sudo nmap -p- --open --min-rate 5000 -vvv 10.10.11.68 -n -Pn -oG nmap/nmap1
Host: 10.10.11.68 ()	Status: Up
Host: 10.10.11.68 ()	Ports: 22/open/tcp//ssh///, 80/open/tcp//http///	Ignored State: closed (65533)

Profundizo en los puertos detectados, recopilando informaciĂłn detallada sobre los servicios y versiones en ejecuciĂłn.

1
2
3
4
5
6
7
8
9
10
11
12
13
14

/home/kali/Documents/htb/machines/planning:-$ sudo nmap -sCV -vvv -p22,80 10.10.11.68 -oN nmap/nmap2
PORT   STATE SERVICE REASON         VERSION
22/tcp open  ssh     syn-ack ttl 63 OpenSSH 9.6p1 Ubuntu 3ubuntu13.11 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   256 62:ff:f6:d4:57:88:05:ad:f4:d3:de:5b:9b:f8:50:f1 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMv/TbRhuPIAz+BOq4x+61TDVtlp0CfnTA2y6mk03/g2CffQmx8EL/uYKHNYNdnkO7MO3DXpUbQGq1k2H6mP6Fg=
|   256 4c:ce:7d:5c:fb:2d:a0:9e:9f:bd:f5:5c:5e:61:50:8a (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKpJkWOBF3N5HVlTJhPDWhOeW+p9G7f2E9JnYIhKs6R0
80/tcp open  http    syn-ack ttl 63 nginx 1.24.0 (Ubuntu)
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: nginx/1.24.0 (Ubuntu)
|_http-title: Did not follow redirect to http://planning.htb/
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Planning Machine from Hack The Box has been Pwned

Una mĂĄquina puede estar activa o retirada. Retirada, significa que la mĂĄquina no cuenta para los puntos de temporada.

Hack The Box, Machines
linux hack the box tcp ssh http
This post is licensed under CC BY 4.0 by the author.