Hack the Box (HTB) machines walkthrough series — Postman

Today, we will be continuing with our exploration of Hack the Box (HTB) machines as seen in previous articles. This walkthrough is of an HTB machine named Postman.

HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve the puzzle (simple enumeration plus pentest) in order to log into the platform and download the VPN pack to connect to the machines hosted on the HTB platform.

Note: Only write-ups of retired HTB machines are allowed. The machine in this article, named Postman, is retired.

Let’s start with this machine.

The walkthrough

  1. Download the VPN pack for the individual user and use the guidelines to log into the HTB VPN.
  2. The Postman machine IP is 10.10.10.160.
  3. We will adopt our usual methodology of performing penetration testing. Let’s start with enumeration in order to learn more about the machine.
  4. As usual, let’s start with the nmap scan to learn more about the services running on this machine. [CLICK IMAGES TO ENLARGE]
    <<nmap -sC -sV -oA Postman 10.10.10.160>>

  5. Let’s start the enumeration based on the discovered ports. The screenshot below is what we can see on port 80.
  6. On port 10000, we got the page below, which led us to redirect to the site on SSL.
  7. On SSL, we got the page below. Seems like we need to figure out the right username and password. In short, we need more enumeration. Going back to step 1, we will run the nmap scan on all ports.
  8. This time we got an additional Redis port as well.
    <<nmap -sC -p- -oA postman.full 10.10.10.160>>

  9. Enumerating Redis service with an nmap script to find anything interesting.
    <<nmap –script redis-info -sV -p 6379 10. (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Security Ninja. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/thNLOmdJe9A/