Continuing with our series on HTB machines, this article contain the walkthrough of another HTB machine. This one is called Cronos.
HTB is an excellent platform that hosts machines belonging to multiple OSes. It offers multiple types of challenges as well. The individual can download the VPN pack to connect to the machines hosted on the HTB platform and has to solve the puzzle (simple enumeration plus pentest) in order to log into the platform.
Note: Only write-ups of retired HTB machines are allowed. The machine in this article (Cronos) is retired.
Let’s start with this machine. [CLICK IMAGES TO ENLARGE]
1. Download the VPN pack for the individual user and use the guidelines to log into the HTB VPN.
2. The Cronos machine IP is 10.10.10.13.
3. We will adopt the same methodology of performing penetration testing as we have previously used. Let’s start with enumeration in order to learn as much information about the machine as possible.
4. Below is the nmap scan of this box. We can see that port 22 and 80 and DNS port 53 are listed, which is very interesting.
<<nmap -sC -sV -oA cronos 10.10.10.13>>
5. Let’s browse to port 80. Here we can see the Apache default page.
6. But let’s try to edit the hosts file for cronos.htb.
7. And now if we visit the page, we see a different output.
8. Since port 53 was open on this machine, let’s try to dig the zone records using the dig utility. Now we can see some interesting entries. For this article, we will focus on admin.cronos.htb
<<dig axfr @10.10.10.13 cronos.htb>>
9. Now, following the same steps above, we can edit the /etc/hosts file again to (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Security Ninja. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/PP9NHWX9ff0/