Tag: redis
-
VulnNet Active | TryHackMe
So, we’re probably looking at a domain controller judging by the DNS service running. Running crackmapexec gives us the domain name vulnnet.local which we’ll use to further enumerate the box. SMB allows anonymous login but has no shares to display, but Redis allows unauthenticated logins. We can get a username from this but I spend […]
-
VulnNet Internal | TryHackMe
Initial nmap scan gives some interesting services to enumerate. We’ll start with SMB. We can access the folder shares with anonymous user and inside find 3 files. services.txt data.txt and business-req.txt. Services.txt gives us the first flag but the others give not much else. We’ll continue on to enumerate the NFS shares. When searcing through […]