In this 30 Days of Cyber Security challenge, I tackled the Easy Windows machine ‘Cicada’ on Hack the Box. This article is written in the format of a live penetration test report instead of a normal blog entry.
Posts for: #Enumeration
Boardlight
An easy-rated Linux box that emphasizes and develops enumeration skills, both external and internal. Foothold is obtained through an authenticated RCE that exploits improper input sanitization. Further enumeration reveals a plaintext password that is reused by another user, allowing privilege escalation. Finally, root access is obtained through a zero-day exploit found in the Enlightenment Window Manager.