Hack The Box — FriendZone Writeup w/o Metasploit
Published in
15 min readNov 17, 2019
This is the 14th blog out of a series of blogs I will be publishing on retired HTB machines in preparation for the OSCP. The full list of OSCP like machines compiled by TJ_Null can be found here.
Let’s get started!
Reconnaissance
First thing first, we run a quick initial nmap scan to see which ports are open and which services are running on those ports.
nmap -sC -sV -O -oA initial 10.10.10.123
- -sC: run default nmap scripts
- -sV: detect service version
- -O: detect OS
- -oA: output all formats and store in file initial
We get back the following result showing that seven ports are open:
- Port 21: running ftp vsftpd 3.0.3
- Port 22: running OpenSSH 7.6p1 Ubuntu 4
- Port 53: running ISC BIND 9.11.3–1ubuntu1.2 (DNS)
- Ports 80 & 443: running Apache httpd 2.4.29
- Ports 139 and 145: Samba smbd 4.7.6-Ubuntu
Starting Nmap 7.70 ( https://nmap.org ) at 2019-11-15 21:19 EST
Nmap scan report for 10.10.10.123
Host is up (0.030s latency).
Not shown: 993 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp…