Hack The Box

Armageddon write up

Port Scanning

For Finding open ports we use Rustscan .

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/a6f7b914-f6eb-4fbd-a74f-c10fbd9df657/Untitled.png

then used nmap detailed analysis

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/85a825bc-26f7-4c2d-b754-9cd1369ce833/Untitled.png

Web Reconnaissance

So Let’s first enumerate port 80. I decided to start a ffuf scan and got robots.txt and some disallowed entries of files && directories.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/d3d005c9-8103-4c72-964e-2d0802f7ba98/Untitled.png

Now I visited the webpage and decided to use the

WhatWeb

command for identifying services running for this site and here is the result, it’s Drupal.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/ed877863-9283-4f7a-a401-b10446c67cfc/Untitled.png

Now it’s time to search for exploit available for drupal 7 and for this we can use some ways like using searchexploit in Linux terminal or googling the CMS name.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/b1264114-8f6e-439c-b27d-7874720a5b45/Untitled.png

Now for using exploit for Durpal7 we use msfconsole