HTB Explosion Walkthrough (Very Easy)
Task 1
What does the 3-letter acronym RDP stand for?
Ans: Remote Desktop Protocol
- found the answer through a quick Google search
- Microsoft proprietary protocol that allows clients to connect to other computers over a network connection through a graphical user interface (GUI)
Task 2
What is a 3-letter acronym that refers to interaction with the host through a command line interface?
Ans: command line interface (CLI)
- found the answer through the hint, the last 3 words of the question
Task 3
What about graphical user interface interactions?
Ans: graphical user interface (GUI)
Task 4
What is the name of an old remote access tool that came without encryption by default and listens on TCP port 23?
Ans: Telnet
- Telnet runs on port 23 and isn’t really used because data sent is unencrypted.
Task 5
What is the name of the service running on port 3389 TCP?
Ans: ms-wbt-server
- ran nmap -sV -T4 -AO <ip-address> to find the answer.
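From the defender's side, the two services in Tasks 4 and 5 are the ones worth flagging in scan results. The script below is an added example, not part of the original walkthrough: it parses nmap's grepable output and reports exposed Telnet and RDP, including RDP moved off port 3389. It assumes the scan was saved with `-oG`, which the walkthrough did not use; the sample data and the names `open_ports` and `audit` are constructed for illustration.

```python
import re

# Constructed sample of `nmap -sV -oG -` output (documentation addresses, not a real scan).
SAMPLE = (
    "# Nmap scan initiated as: nmap -sV -oG - 192.0.2.10 192.0.2.20\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 135/open/tcp//msrpc//Microsoft Windows RPC/, "
    "3389/open/tcp//ms-wbt-server//Microsoft Terminal Services/\tIgnored State: closed (998)\n"
    "Host: 192.0.2.20 ()\tStatus: Up\n"
    "Host: 192.0.2.20 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, "
    "23/filtered/tcp//telnet///, 3390/open/tcp//ms-wbt-server///\n"
)

# Service names as nmap reports them, with what to verify when one is exposed.
WATCHED = {
    "telnet": "cleartext protocol: replace with SSH",
    "ms-wbt-server": "RDP: confirm no account accepts a blank password",
}
DEFAULT_PORTS = {23: "telnet", 3389: "ms-wbt-server"}

# Grepable port entry: port/state/protocol/owner/service/rpcinfo/version/
ENTRY = re.compile(r"(\d+)/([^/]*)/([^/]*)/[^/]*/([^/]*)/[^/]*/([^/]*)/")

def open_ports(text):
    """Yield (host, port, service) for each open TCP port in grepable output."""
    for line in text.splitlines():
        if not line.startswith("Host:") or "\tPorts:" not in line:
            continue
        host = line.split()[1]
        ports = line.split("\tPorts:", 1)[1].split("\t", 1)[0]
        for m in ENTRY.finditer(ports):
            port, state, proto, service, _version = m.groups()
            if state == "open" and proto == "tcp":
                yield host, int(port), service

def audit(text):
    """Return findings for watched services, matched by name or default port."""
    findings = []
    for host, port, service in open_ports(text):
        # -sV names the service even off its default port; fall back to the
        # port number only when the probe returned no service name at all.
        name = service.rstrip("?") or DEFAULT_PORTS.get(port, "")
        if name in WATCHED:
            findings.append((host, port, name, WATCHED[name]))
    return findings

if __name__ == "__main__":
    for host, port, name, note in audit(SAMPLE):
        print(f"{host}:{port} {name} -> {note}")
```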
Task 6
What is the switch used to specify the target host’s IP address when using xfreerdp?
Ok, so I’ve never used this before. Turns out you can just put xfreerdp in the CLI followed by help.
From the hint on HTB, the switch’s description is server hostname. With CTRL+SHIFT+F I typed in Server in the search bar and found out the switch
Ans: /v:
Task 7
What username successfully returns a desktop projection to us with a blank password?
Ans: Administrator
- highest level of privilege that a user can have on Windows OS
Task 8
Submit root flag
I’ll admit that I took a long time with this one.
Initially I tried to use
but it wasn’t going through and I was met with the error consistently. The output mentioned that I had no username set, so they defaulted to root, which was not the login that we need. We needed the username to be administrator.
Next, they also mentioned that password certainly expired, which means that the blank password was not correct. We need to find switches to resolve this problem to be able to log in with xfreerdp.
we need to define our username as well as
to ignore any certificates
We can try to see if we are able to establish a connection with the new switches.
Yes! We managed to establish RDP and find our flag.