0xdf.gitlab.io/2019/08/31/htb-onetwoseven.html
Preview meta tags from the 0xdf.gitlab.io website.
Linked Hostnames
15- 20 links to0xdf.gitlab.io
- 3 links toapp.hackthebox.com
- 2 links tolinux.die.net
- 2 links toyoutube.com
- 1 link to0xdfimages.gitlab.io
- 1 link todebian.pkgs.org
- 1 link togithub.com
- 1 link togitlab.com
Search Engine Appearance
HTB: OneTwoSeven
OneTwoSeven was a very cleverly designed box. There were lots of steps, some enumeration, all of which was do-able and fun. I’ll start by finding a hosting provider that gives me SFTP access to their system. I’ll use that to tunnel into the box, and gain access to the admin panel. I’ll find creds for that using symlinks over SFTP. From there, I’ll exploit a logic error in the plugin upload to install a webshell. To get root, I’ll take advantage of my user’s ability to run apt update and apt upgrade as root, and man-in-the-middle the connection to install a backdoored package.
Bing
HTB: OneTwoSeven
OneTwoSeven was a very cleverly designed box. There were lots of steps, some enumeration, all of which was do-able and fun. I’ll start by finding a hosting provider that gives me SFTP access to their system. I’ll use that to tunnel into the box, and gain access to the admin panel. I’ll find creds for that using symlinks over SFTP. From there, I’ll exploit a logic error in the plugin upload to install a webshell. To get root, I’ll take advantage of my user’s ability to run apt update and apt upgrade as root, and man-in-the-middle the connection to install a backdoored package.
DuckDuckGo
https://0xdf.gitlab.io/2019/08/31/htb-onetwoseven.htmlHTB: OneTwoSeven
OneTwoSeven was a very cleverly designed box. There were lots of steps, some enumeration, all of which was do-able and fun. I’ll start by finding a hosting provider that gives me SFTP access to their system. I’ll use that to tunnel into the box, and gain access to the admin panel. I’ll find creds for that using symlinks over SFTP. From there, I’ll exploit a logic error in the plugin upload to install a webshell. To get root, I’ll take advantage of my user’s ability to run apt update and apt upgrade as root, and man-in-the-middle the connection to install a backdoored package.
General Meta Tags
9- titleHTB: OneTwoSeven | 0xdf hacks stuff
- nameHTB: OneTwoSeven
- charsetutf-8
- X-UA-CompatibleIE=edge
- viewportwidth=device-width, initial-scale=1
Open Graph Meta Tags
6- og:titleHTB: OneTwoSeven
og:localeen_US- og:descriptionOneTwoSeven was a very cleverly designed box. There were lots of steps, some enumeration, all of which was do-able and fun. I’ll start by finding a hosting provider that gives me SFTP access to their system. I’ll use that to tunnel into the box, and gain access to the admin panel. I’ll find creds for that using symlinks over SFTP. From there, I’ll exploit a logic error in the plugin upload to install a webshell. To get root, I’ll take advantage of my user’s ability to run apt update and apt upgrade as root, and man-in-the-middle the connection to install a backdoored package.
- og:urlhttps://0xdf.gitlab.io/2019/08/31/htb-onetwoseven.html
- og:site_name0xdf hacks stuff
Twitter Meta Tags
2- twitter:cardsummary
- twitter:site@0xdf_
Link Tags
11- alternatehttps://0xdf.gitlab.io/feed.xml
- canonicalhttps://0xdf.gitlab.io/2019/08/31/htb-onetwoseven.html
- icon/assets/icons/favicon-32x32.png
- icon/assets/icons/favicon-16x16.png
- stylesheet/assets/css/bootstrap-toc.min.css
Emails
1Links
38- https://0xdf.gitlab.io
- https://0xdf.gitlab.io/2019/08/31/htb-onetwoseven.html
- https://0xdf.gitlab.io/about
- https://0xdf.gitlab.io/cheatsheets
- https://0xdf.gitlab.io/feed.xml