Skip to main content

Hack The Box Optimum



 Testing Methodology

 We can start our enumeration by a nmap scan

The output shows that there is only one port which is 80(HTTP)
By visiting port 80 we have httpfileserver


By googling about the version reveals that there is a vulnerability and there is a metasploit module
 
We have code execution now with privilege escalation . There is a script called Sherlock which can be used to check for local privilege escalation.

The output shows that it is vulnerable to MS16-032
 

Comments