Devel(10.10.10.5)Hackthebox
Published in
2 min readJun 18, 2019
1. Reconnaissance
Start with an NMAP scan: nmap -sV -sC -oN 10.10.10.5.txt 10.10.10.5
NMAP scan results, we can see FPT running port 21, Anonymous FPT login allowed .
The port 80 is open so we will start enumerating port 80 with Nikto, Gobuster…
=)) We will go to that directory http://10.10.10.5/welcome.png
2. Exploit
Upload file shell on ftp
Access on directory http://10.10.10.5/hacked.aspx
Create reverse shell and upload in ftp
We will be using Kali Linux and Metasploit to attack the vulnerable
Privilege Escalation use payload exploit/windows/local/ms10_015_kitrap0d
