Category: Bash
-
Photobomb | Hack The Box
Our initial results, we get domain (photobomb.htb) and an open SSH port. The web server gives us this – it displays whatever URI you enter, it may be vulnerable – we’ll test while we enumerate directories and vhosts. While browsing with burp we see a few .js files we can enumerate and inside find some […]
-
Vulnnet Node | TryHackMe
Nothing to enumerate but poke at the web app. We see they’re usign NodeJS (hence the box name) We’re greeted with a login form and some potential usernames for future enumeration. We’ll run Gobuster and see what else there is. The images uploaded for company portraits suggest they may use first name last initial as […]