Board Light - HackTheBox Writeup (Easy)
Machine Summary In this Hack The Box machine, I start of with basic Nmap enumeration. Then move on to directory enumeration and vhost enumeration using gobuster and ffuf. From here, we find an endpoint running Dollibarr v17.0.0 that is vulnerable to CVE-2023-30253. We are able to leverage this to get a reverse shell on the machine and get an initial foothold. From here, we find a password for the user larissa and are able to use these credentials to log in via SSH.
Read more...