HackTheBox

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.

Hack The Box

Link to HTB: http://hackthebox.eu/

Tools I use:

Help resources:

Kali Linux commands

Portscanning target with nmap

nmap -sC -sV [targetIP]
nmap -A -T4 -p- [targetIP]

FTP

ftp [targetIP]

SMB Client

smbclient -L [targetIP] -U [username]

Query netbios names

nmblookup -A [targetIP]

Finding open shares

nbtscan [targetIP]

Enumerate samba shares

smbmap -H [targetIP]

Windows enumeration

enum4linux -a [targetIP]

Locate path of files

locate [string]

Enumerating users with impacket

python3 ./samrdump.py [targetIP]

Get password hash from user using kerberosting

python3 ./GetNPUsers.py DOMAIN/username -no-pass -dc-ip [dcIPaddress]

Crack a password hash

john -wordlist=/usr/share/wordlists/rockyou.txt [filewithhashes.txt]

Connect over winrm

evil-winrm -u [username] -i [targetIP]

Download all files from smbshare

recurse on
prompt off
mask *
mget *