https://gunzf0x.github.io/pentesting/tags/c%23/Recent content in C# on gunzf0xHugoenSat, 30 Nov 2024 00:00:00 +0000https://gunzf0x.github.io/pentesting/posts/lantern/Sat, 30 Nov 2024 00:00:00 +0000https://gunzf0x.github.io/pentesting/posts/lantern/Lantern – HackTheBox Link to heading OS: Linux Difficulty: Hard Platform: HackTheBox Synopsis Link to heading “Lantern” is a Hard machine from HackTheBox platform. It teaches how to execute a Server-Side Request Forgery for a Skipper Proxy vulnerable version to CVE-2022-38580. We are able to also find credentials for a Blazor service running to gain access to the victim machine. Finally, we learn how to use ProcMon to monitor a script being executed by root, read its log and extract credentials.https://gunzf0x.github.io/pentesting/posts/blazorized/Fri, 08 Nov 2024 00:00:00 +0000https://gunzf0x.github.io/pentesting/posts/blazorized/Blazorized – HackTheBox Link to heading OS: Windows Difficulty: Hard Platform: HackTheBox Summary Link to heading “Blazorized” is a Hard machine from HackTheBox platform. The target machine is running a web server. After inspecting its source code, we are able to find .dll files. After a little Reverse Engineering to these files, we are able to obtain the sign key to generate Jason Web Tokens and generate a token for an administrator site.https://gunzf0x.github.io/pentesting/posts/napper/Sat, 27 Apr 2024 00:00:00 +0000https://gunzf0x.github.io/pentesting/posts/napper/Napper – HackTheBox Link to heading OS: Windows Difficulty: Hard Platform: HackTheBox User Link to heading Nmap scan shows only 3 ports open: 80 HTTP, 443 HTTPs, 7680 an unknown service ❯ sudo nmap -sS --open -p- --min-rate=5000 -n -Pn -vvv 10.10.11.240 -oG allPorts Nmap scan report for 10.10.11.240 Host is up, received user-set (0.18s latency). Scanned at 2024-04-26 17:43:11 -04 for 27s Not shown: 65532 filtered tcp ports (no-response) Some closed ports may be reported as filtered due to --defeat-rst-ratelimit PORT STATE SERVICE REASON 80/tcp open http syn-ack ttl 127 443/tcp open https syn-ack ttl 127 7680/tcp open pando-pub syn-ack ttl 127 Read data files from: /usr/bin/.