InformationSecurity

fork() bombing windows

Introduction 💡 DISCLAIMER: The content presented in this write-up is for educational purposes only. It demonstrates concepts related to computer security, system processes, and vulnerabilities. The information provided is not intended to encourage or condone any form of malicious activity. Users are expected to use this knowledge responsibly, ethically, and in compliance with all applicable laws and regulations. The author does not endorse or support any illegal or unauthorized use of the information presented in this write-up.

HTB Writeup: Paper

Enumeration nmap Scan # Nmap 7.92 scan initiated Mon Apr 11 15:07:52 2022 as: nmap -sC -sV -T3 -oN nmap.all-port.txt -vv -p- 10.10.11.143 Nmap scan report for 10.10.11.143 (10.10.11.143) Host is up, received echo-reply ttl 63 (0.084s latency). Scanned at 2022-04-11 15:07:58 IST for 54s Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.0 (protocol 2.0) 80/tcp open http syn-ack ttl 63 Apache httpd 2.

HTB Writeup: Catch

Enumeration nmap scan Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-24 06:52 IST Nmap scan report for 10.129.110.180 (10.129.110.180) Host is up (0.075s latency). Not shown: 65530 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.4 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 3072 48:ad:d5:b8:3a:9f:bc:be:f7:e8:20:1e:f6:bf🇩🇪ae (RSA) | 256 b7:89:6c:0b:20:ed:49:b2:c1:86:7c:29:92:74:1c:1f (ECDSA) |_ 256 18💿9d:08:a6:21:a8:b8:b6:f7:9f:8d:40:51:54:fb (ED25519) 80/tcp open http Apache httpd 2.4.41 ((Ubuntu)) |_http-title: Catch Global Systems |_http-server-header: Apache/2.

HTB Writeup: Acute

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-04 07:55 IST Nmap scan report for 10.129.136.40 (10.129.136.40) Host is up (0.080s latency). Not shown: 65534 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) | ssl-cert: Subject: commonName=atsserver.acute.local | Subject Alternative Name: DNS:atsserver.acute.local, DNS:atsserver | Not valid before: 2022-01-06T06:34:58 |_Not valid after: 2030-01-04T06:34:58 |_http-server-header: Microsoft-HTTPAPI/2.0 |_ssl-date: 2022-07-04T02:43:16+00:00; +15m23s from scanner time. | tls-alpn: |_ http/1.

HTB Writeup: RouterSpace

Enumeration NMAP Scan # Nmap 7.92 scan initiated Sun Apr 10 19:53:33 2022 as: nmap -sC -sV -T3 -oN nmap.all-port.txt -vv -p- 10.10.11.148 Nmap scan report for 10.10.11.148 (10.10.11.148) Host is up, received echo-reply ttl 63 (0.078s latency). Scanned at 2022-04-10 19:53:39 IST for 138s Not shown: 65533 filtered tcp ports (no-response) PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 (protocol 2.0) | fingerprint-strings: | NULL: |_ SSH-2.

HTB Writeup: Resolute

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-07 22:44 IST Nmap scan report for 10.129.96.155 (10.129.96.155) Host is up (0.078s latency). Not shown: 65511 closed tcp ports (reset) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2022-07-07 10:23:33Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: megabank.

HTB Writeup: Sauna

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-07 07:05 IST Nmap scan report for 10.129.95.180 (10.129.95.180) Host is up (0.071s latency). Not shown: 65516 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 80/tcp open http Microsoft IIS httpd 10.0 |_http-server-header: Microsoft-IIS/10.0 | http-methods: |_ Potentially risky methods: TRACE |_http-title: Egotistical Bank :: Home 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2022-07-07 08:37:43Z) 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: EGOTISTICAL-BANK.

HTB Writeup: Buff

Enumeration nmap # Nmap 7.92 scan initiated Sun Jul 3 11:41:02 2022 as: nmap -sC -sV -T3 -oA nmap-tcp-all-ports -p- -iL ip.txt Nmap scan report for 10.129.25.107 (10.129.25.107) Host is up (0.080s latency). Not shown: 65533 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 7680/tcp open pando-pub? 8080/tcp open http Apache httpd 2.4.43 ((Win64) OpenSSL/1.1.1g PHP/7.4.6) |_http-title: mrb3n's Bro Hut |_http-open-proxy: Proxy might be redirecting requests |_http-server-header: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.

HTB Writeup: Undetected

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-01 08:36 IST Nmap scan report for 10.129.136.44 (10.129.136.44) Host is up (0.078s latency). Not shown: 65533 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.2 (protocol 2.0) | ssh-hostkey: | 3072 be:66:06:dd:20:77:ef:98:7f:6e:73:4a:98:a5:d8:f0 (RSA) | 256 1f:a2:09:72:70:68:f4:58:ed:1f:6c:49:7d:e2:13:39 (ECDSA) |_ 256 70:15:39:94:c2💿64:cb:b2:3b:d1:3e:f6:09:44:e8 (ED25519) 80/tcp open http Apache httpd 2.4.41 ((Ubuntu)) |_http-title: Diana's Jewelry |_http-server-header: Apache/2.4.41 (Ubuntu) Service detection performed.

HTB Writeup: Registry

Enumeration nmap Starting Nmap 7.92 ( https://nmap.org ) at 2022-07-02 16:27 IST Nmap scan report for 10.129.187.31 (10.129.187.31) Host is up (0.081s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 72:d4:8d:da:ff:9b:94:2a:ee:55:0c:04:30:71:88:93 (RSA) | 256 c7:40:d0:0e:e4:97:4a:4f:f9:fb:b2:0b:33:99:48:6d (ECDSA) |_ 256 78:34:80:14:a1:3d:56:12:b4:0a:98:1f:e6:b4:e8:93 (ED25519) 80/tcp open http nginx 1.14.0 (Ubuntu) |_http-title: Welcome to nginx! |_http-server-header: nginx/1.