HackTheBox - Monitored
Published on May 12, 2024
This response is partially generated with the help of AI. It may contain inaccuracies.
Step-by-Step Tutorial: HackTheBox - Monitored
- Initial Enumeration:
  - Begin by running an Nmap scan with the following options:
    nmap -sC -sV -vv -oA monitor 10.10.11.248
  - Analyze the scan results to identify open ports and services running on the target machine.
- Identifying Nagios Service:
  - Notice the presence of Nagios on ports 80 and 443 in the Nmap scan results.
  - Add the following entry to your hosts file for easier access:
    10.10.11.248 monitor.htb
- Exploring Nagios Web Interface:
  - Visit http://10.10.11.248 in your browser and accept the SSL certificate.
  - Log in using default credentials like nagios:nagios or nagiosadmin:nagiosadmin.
- Brute-Forcing Credentials:
  - Use a tool like wfuzz to brute-force credentials on the Nagios login page:
    wfuzz -w /path/to/wordlist.txt -u http://n.m.monitor.htb/ -d "username=FUZZ&password=nagios" --hl 11
- Enumerating SNMP:
  - Use SNMP tools like snmpwalk to gather information about the target system:
    snmpwalk -v2c -c public 10.10.11.248
- Exploiting SQL Injection:
  - Exploit the SQL injection vulnerability in Nagios to extract sensitive information.
  - Craft SQL queries to extract data from the database tables like Nagios XI.
- Creating a New Admin User:
  - Use the obtained information to create a new admin user in Nagios.
  - Access the Nagios dashboard with the new credentials.
- Creating a Reverse Shell:
  - Configure a health check in Nagios to execute a reverse shell command.
  - Trigger the health check to gain a reverse shell on the target machine.
- Privilege Escalation:
  - Identify and exploit a vulnerable cron job or service to escalate privileges.
  - Replace binaries or scripts with malicious payloads to gain root access.
- Maintaining Access:
  - Ensure persistence by setting up a backdoor or modifying system configurations.
  - Monitor the system for any changes or attempts to remove your access.
- Cleanup and Exit:
  - Once you have completed your objectives, remove any traces of your activities on the target machine.
  - Exit the system securely to maintain the integrity of the target environment.
- Conclusion:
  - Congratulations! You have successfully exploited the "Monitored" machine on HackTheBox.
  - Reflect on the techniques used and lessons learned during the penetration testing process.
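
The SNMP enumeration step above queries the agent over SNMPv2c with the community string public. The following added example (not part of the original tutorial) audits a Net-SNMP snmpd.conf for the settings that let such a query succeed; the function name, severity labels and sample configuration are constructed for illustration.

```python
# Added example: audit a Net-SNMP snmpd.conf for the exposure that SNMPv2c
# enumeration with a default community relies on. Sample config is constructed.
WEAK = {"public", "private"}                 # default/guessable community strings
ANY_SOURCE = {"", "default", "0.0.0.0/0", "::/0"}
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}

def audit_snmpd_conf(text):
    """Return (line_no, severity, issue) tuples, in file order, for v1/v2c community lines."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in COMMUNITY_DIRECTIVES and args:
            # rocommunity COMMUNITY [SOURCE [OID | -V VIEW]]
            community = args[0]
            source = args[1] if len(args) > 1 else ""
            scoped = len(args) > 2            # an OID or -V VIEW limits what is readable
            writable = directive.startswith("rw")
        elif directive in ("com2sec", "com2sec6"):
            # com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY
            if args[:1] == ["-Cn"]:
                args = args[2:]
            if len(args) < 3:
                continue
            source, community = args[1], args[2]
            scoped, writable = True, False    # views/write come from separate access lines
        else:
            continue
        if community.lower() in WEAK:
            findings.append((no, "high", "guessable community string"))
        if source.lower() in ANY_SOURCE:
            findings.append((no, "medium", "answers queries from any source address"))
        if writable:
            findings.append((no, "high", "write access via cleartext SNMPv1/v2c community"))
        if not scoped:
            findings.append((no, "low", "whole MIB tree readable, no OID/view restriction"))
    return findings

SAMPLE_CONF = """\
# constructed sample, not taken from the target in the tutorial
rocommunity public
rocommunity N0c-r3ad0nly 10.0.5.12 .1.3.6.1.2.1.1
rwcommunity private 10.0.5.0/24
com2sec -Cn ctx notConfigUser default public
rouser monitoring authPriv
"""

if __name__ == "__main__":
    for line_no, severity, issue in audit_snmpd_conf(SAMPLE_CONF):
        print(f"line {line_no}: [{severity}] {issue}")
```

Lines that pass the audit either use a non-default community bound to a specific source and OID subtree, or use SNMPv3 users (rouser with authPriv), which the audit does not flag.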