Linux

This post documents my process for solving the Writeup box on Hack The Box. The machine revolves around web enumeration, CMS exploitation, SQLi, hash cracking, and privilege escalation via PATH hijacking. Recon Target: 10.10.10.138 nmap -sC -sV 10.10.10.138 Results: 22/tcp (SSH) OpenSSH 9.2p1 Debian 80/tcp (HTTP) Apache httpd 2.4.25 (Debian) robots.txt has a disallowed entry: /writeup/ Site uses CMS Made Simple, version 2.2.9.1 CMS Exploitation Accessed /writeup and /writeup/doc/CHANGELOG.txt to confirm CMS version. ...

I was crazy enough to choose Arch Linux as my first Linux distro to start with - when a lot of people recommend choosing user-friendly distros to begin with. From creating a bootable USB to deciding what kind of programs to install so I can have my laptop work, it took a very long time. Then, somehow, I got into this thinking that I didn’t want to have a desktop environment (DE) installed but wanted to install a window manager only! This, of course, was me refusing all the comfortable features that DEs provide to users. I messed up a few times and ended up reinstalling Arch over and over. Later, I found out about Manjaro Linux which is an Arch-based distro that carries the benefits of Arch with more user-friendly features! Manjaro definitely takes care of some of the chores that I have to go through when installing Arch (of course, I am a noob Linux user). ...