beep htb writeup

Hi guys, today we are going to learn how to solve one of the retired machines, named BEEP :)

Although it's a beginner-friendly machine, some techniques must be followed in order to get access to the machine.

The very first phase is scanning the machine with Nmap (Network Mapper), the scanner tool built into Kali.

Reconnaissance

IP of the machine is : 10.10.10.7

COMMAND: nmap -sC -sV -oN Beep 10.10.10.7

Nmap scan

Some common ports are open on the machine. Let's start by checking the website.

Enumeration

WebPage

On opening the webpage, we can see that Elastix is running with a login page.

Let's dig deeper with dirb and brute-force the web pages :)

COMMAND: dirb http://10.10.10.7 -f

COMMAND: gobuster dir -u https://10.10.10.7 -w <wordlist> --wildcard

Unfortunately, dirb and gobuster did not give good results.

Let's go to the exploitation part 🙂

We will use searchsploit to search for any exploits for Elastix.

COMMAND: searchsploit elastix

Searchsploit

We got some good exploits 🙂

Let's use the LFI 🙂

The main part of the exploit is in the above image 🙂

Just copy and paste the whole path like below :)

https://10.10.10.7/vtigercrm/graph.php?current_language=../../../../../../../..//etc/amportal.conf%00module=Accounts&action

We got some data as output. Although it's hard to read, let's use the view-source option 🙂

BOOM!! We got some juicy information about the DB user 🙂
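
A defender's view of the request above, as an added example that is not part of the original writeup: a small Python scanner that flags Apache access-log entries whose query parameters carry directory traversal or an encoded null byte. The log lines, client addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Apache "combined" log line: client IP, request target, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3}) ')
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")

def lfi_indicators(request_target):
    """Return {param: [reasons]} for query parameters that look like LFI probes."""
    findings = {}
    query = urlsplit(request_target).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        # parse_qsl percent-decodes once; decode again to catch double encoding.
        decoded = unquote(value)
        reasons = []
        if TRAVERSAL_RE.search(decoded):
            reasons.append("path-traversal")
        if "\x00" in decoded:
            reasons.append("null-byte")
        if reasons:
            findings[name] = reasons
    return findings

def scan(lines):
    """Return (client, path, status, findings) for each suspicious request."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        client, target, status = m.group(1), m.group(2), int(m.group(3))
        findings = lfi_indicators(target)
        if findings:
            alerts.append((client, urlsplit(target).path, status, findings))
    return alerts

# Constructed sample log lines (not captured from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /vtigercrm/graph.php?current_language=en_us&module=Accounts&action HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [01/Jan/2024:10:00:05 +0000] "GET /vtigercrm/graph.php?current_language=../../../../../../../..//etc/amportal.conf%00module=Accounts&action HTTP/1.1" 200 13779 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 1785 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, path, status, findings in scan(SAMPLE_LOG):
        print(f"ALERT {client} {path} status={status} {findings}")
```

A 200 status on a flagged request is the case to triage first, since the included file may have been returned in the response body.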

Let's use it for connecting via SSH (Secure Shell).

After trying the password for the root user, we succeeded 🙂

Let's pwn the flags :)

If you like my writeup, give me Respect on my HTB profile: Exp1o1t9r

23 COMMENTS

  1. Fantastic web site. Lots of helpful info here. I am sending it to a few buddies and additionally sharing in delicious.
    And of course, thanks to your sweat!

    • Thank you so much bro ❤️
      More about more useful information about bug bounty, ethical hacking tips, CTF writeups will be available. Don’t forget to share 😁

      If you like my writeup, give me Respect on my HTB profile: Exp1o1t9r

  2. Long time supporter, and thought I’d drop a comment.

    Your wordpress site is very sleek – hope you don’t mind me asking what theme
    you’re using? (and don’t mind if I steal it?
    :P)

    I just launched my site –also built in wordpress like yours– but the
    theme slows (!) the site down quite a bit.

    In case you have a minute, you can find it by searching for “royal cbd” on Google (would appreciate any feedback) – it’s still in the
    works.

    Keep up the good work– and hope you all take care of yourself during
    the coronavirus scare!

    • Thanks for your feedback bro.
      I’m using newspaper theme.
      More and more suggestions will be accepted!
      I am busy with other stuff, will definitely fix the site soon!
      Once again thanks for your feedback!

  3. Attractive section of content. I just stumbled upon your website and in accession capital to assert that
    I get actually enjoyed account your blog posts. Anyway I’ll
    be subscribing to your feeds and even I achievement
    you access consistently fast.

  4. fantastic issues altogether, you just won a new reader.
    What may you recommend in regards to your post that you made a few days in the past?
    Any sure?

  5. Hi there! Quick question that’s totally off topic. Do you know how to make your site mobile friendly?
    My blog looks weird when viewing from my apple
    iphone. I’m trying to find a template or plugin that might be able to resolve this problem.
    If you have any suggestions, please share.
    Cheers!

  6. I’m not sure why but this web site is loading incredibly slow for me.
    Is anyone else having this problem or is it a problem on my end?
    I’ll check back later and see if the problem still exists.

  7. After I initially left a comment I appear to have clicked on the -Notify me when new comments are added- checkbox and from now
    on each time a comment is added I receive 4 emails with the same
    comment. There has to be an easy method you can remove me from that service?
    Appreciate it!

  8. Definitely imagine that that you said. Your favourite reason appeared to be at the
    internet the simplest factor to understand
    of. I say to you, I definitely get annoyed
    while other folks consider issues that they plainly don’t recognize about.

    You controlled to hit the nail upon the top as smartly as
    outlined out the entire thing without having side-effects ,
    people could take a signal. Will probably be back to get more.
    Thanks

  9. Does your blog have a contact page? I’m having trouble locating it but, I’d
    like to shoot you an email. I’ve got some ideas
    for your blog you might be interested in hearing.

    Either way, great blog and I look forward
    to seeing it expand over time.

  10. What i don’t understood is in fact how you’re now not really a lot more smartly-preferred than you might be right now.
    You are so intelligent. You know therefore considerably relating to this subject, made
    me in my opinion believe it from so many various angles.
    Its like men and women aren’t interested until
    it’s something to do with Woman gaga! Your personal stuffs outstanding.
    All the time care for it up!

  11. Hello, I believe that I noticed you visited my weblog so I got here to return the prefer? I’m attempting to in finding things
    to improve my site! I assume it’s good enough to use some of your ideas!!
