Pandora HTB Walkthrough

This post documents my process for solving the Pandora box on Hack The Box. The challenge focuses on recon, SNMP enumeration, port forwarding, SQLi on an internal service, and a series of lateral movement and privilege escalation steps.

Recon

Initial port scan:

    ports=$(nmap -p- --min-rate=1000 -T4 10.10.11.136 | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)
    nmap -p$ports -sC -sV 10.10.11.136

Open ports: 22 (SSH), 80 (HTTP, Apache, Ubuntu)

Enumerated with UDP scan (-sU): ...

April 13, 2025 · Joon Kim

Validation HTB Walkthrough

This post documents my process for solving the Validation box on Hack The Box. This challenge centers on SQL injection, writing a web shell via SQLi, and privilege escalation via password reuse.

Recon

Started with full port scan:

    ports=$(nmap -p- --min-rate=1000 -T4 <IP> | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)
    echo $ports
    # 22,80,4566,5000,5001,5002,5003,5004,5005,5006,5007,5008,8080
    nmap -p$ports -sC -sV 10.10.11.116

Main open ports: 22 (SSH), 80 (Apache), 4566 (nginx), 8080 (nginx). ...

April 10, 2025 · Joon Kim