One of VBScripts boxes on windows focuses heavily on reversing applications to crack credentials. Run Nmap Only 445 is open? Lets run again with the -p- flag to confirm, feeling like another evil-winrm box. Foothold Enumeration Running a quick nmap scan for vulnerabilities doesn’t give us anything. We get the hostname. Enum4Linux doesn’t get us … Continue reading Nest


This box is a mixture of CVEs, mis-configurations and GTFObins Run Nmap Quick scan shows us a webserver and ssh are open. We will run a more intensive scan to double check and get dirb running. We also see Nostromo 1.9.6 is the webserver running. While those scans run lets research this. Run Dirb Nostromo … Continue reading Traverxec