Hackthebox Walkthrough: Beep

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on whatsapp
WhatsApp

Hello Guys, Welcome to my new blog. In this blog, I am posting a walkthrough of a Hackthebox machine named Beep.

Beep is a Linux Based machine. The IP of the machine is 10.10.10.7

Let’s Start

As always I start with Nmap for scanning.

nmap -sC -sV -oA nmap 10.10.10.7

There are many ports open. Some are 22,80,443, etc.

Let’s check on port 80 as some website is running on it. And I found a login page there.

There is a login page named Elastix. So I just do a simple search on google to find the exploits.

You can see there is an exploit of Local File Inclusion. I open that page and find the LFI command there.

You can read more about Local File Inclusion from here.

I open it in the browser and find something interesting there.

I found a password there. So I try to login with this password.

And I successfully log in. So I just think to login ssh with that password.

and I successfully log into ssh. After some enumeration, I get the user.txt and root.txt.

Happy Hacking.

This Walkthrough is written by Amit. Amit is a Penetration testing student at Azure Skynet. You can contact him from here.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on whatsapp
WhatsApp

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top