Pandora 10.10.11.136
Last updated
Last updated
Pandora is a Linux base machine from HackTheBox that required your patient on web searching technique with some encoding concepts and Python Hacking skill is required on the privilege escalation.
Target Machine: 10.10.11.136
Attacker Machine: 10.10.14.4
1) nmap -p- -T5 --min-rate=1000 10.10.11.136 -oG fkclai.nmap 2) nmap -p $(grep -Eo '[0-9]{1,5}/open' fkclai.nmap | cut -d '/' -f 1 | tr -s '\n' ',') -sC -sV 10.10.11.136 -o nmap-result.txt
Enumeration Strategies
No vulnerability was found on the SSH and HTTP service, it was going to review the web application to check any information leakage or misconfiguration.
With basic web enumeration using gobuster, a set of web pages was found and the following one was interesting with submission function. However, it does not find any interesting stuff
THINKINGS: checking UDP ports
nmap -sC -sV -sU -top-ports=20 pandora.htb
Checking the opening port one by one
Get a username daniel
and password HotelBabylon23,
try the SSH connection with this account
Get the Initial access using the credential found at the SNMP connection string
Unfortunately, the account cannot access the user.txt
After reviewing the network, it found that there should be a website hosted internally, but it cannot be accessed outside.
Try to use SSH tunnelling to redirect the page outside
A CVE-2020-5844 was found on this v7.0NG.742_FIX_PERL2020, SQL injection vulnariblity was found. Using SQLMap to check the
It was found that the name of Database: pandora, table tsessions_php, and related field identified. Changed the command and executed it again