Hack the Box — Preignition
HTB Tags: #Linux #PHP #DefaultCredentials.
This is the fifth box in the Starting Point series, and the second of the non-free VIP boxes, with a focus on directory busting against a Linux target. As usual, let’s start by enumerating with the standard commands, ping and nmap.
ping $IP -c 4
With only one port open, 80 (http), we can check out the website and enumerate its directories with gobuster.
The home page indicates a successful install of the nginx web server.
From Google: NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability.
So let’s check out the folder structure, using gobuster with dirb’s common.txt wordlist for speed:
gobuster dir -u http://$IP -w /usr/share/wordlists/dirb/common.txt
We find an /admin.php file, which takes us to a login form.
Testing first with a set of default credentials, we find that we can gain access with the classic admin:admin, which gives us the challenge flag.
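As an added defensive example, not part of the original writeup: both the directory-busting run and the follow-up login to /admin.php leave a recognisable trace in the nginx access log. The script below (with constructed log lines, not captured from the box) parses combined-format entries, flags source IPs whose requests are mostly 404s, and lists successful POSTs to the admin page so the two events can be correlated.

```python
import re
from collections import defaultdict

# Constructed nginx access-log sample (combined format), not taken from the box:
# a gobuster-style burst of 404s from 10.10.14.7, then a POST login to /admin.php.
SAMPLE_LOG = """\
10.10.14.7 - - [01/Jan/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 612 "-" "gobuster/3.6"
10.10.14.7 - - [01/Jan/2024:10:00:01 +0000] "GET /.git HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.7 - - [01/Jan/2024:10:00:01 +0000] "GET /backup HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.7 - - [01/Jan/2024:10:00:02 +0000] "GET /cgi-bin/ HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.7 - - [01/Jan/2024:10:00:02 +0000] "GET /admin.php HTTP/1.1" 200 998 "-" "gobuster/3.6"
10.10.14.7 - - [01/Jan/2024:10:00:02 +0000] "GET /uploads HTTP/1.1" 404 153 "-" "gobuster/3.6"
10.10.14.7 - - [01/Jan/2024:10:00:40 +0000] "POST /admin.php HTTP/1.1" 200 1337 "-" "Mozilla/5.0"
192.168.1.20 - - [01/Jan/2024:10:01:00 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0"
192.168.1.20 - - [01/Jan/2024:10:01:05 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [ts] "method path proto" status bytes "referer" "ua"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
                    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')

def parse_log(text):
    """Parse combined-format lines into dicts; lines that do not match are skipped."""
    return [m.groupdict() for m in map(LOG_RE.match, text.splitlines()) if m]

def find_dir_busting(rows, min_requests=5, min_404_ratio=0.5):
    """Source IPs whose traffic is dominated by 404s: the footprint of wordlist-driven
    enumeration (gobuster, dirb), which guesses far more paths than exist."""
    total, not_found = defaultdict(int), defaultdict(int)
    for r in rows:
        total[r["ip"]] += 1
        not_found[r["ip"]] += r["status"] == "404"
    return sorted(ip for ip, n in total.items()
                  if n >= min_requests and not_found[ip] / n >= min_404_ratio)

def find_admin_logins(rows, sensitive_paths=("/admin.php",)):
    """(ip, path) for each successful POST to a sensitive path; correlate with the
    enumeration alert above to catch default-credential logins after discovery."""
    return [(r["ip"], r["path"]) for r in rows
            if r["method"] == "POST" and r["path"] in sensitive_paths and r["status"] == "200"]

if __name__ == "__main__":
    rows = parse_log(SAMPLE_LOG)
    print("dir-busting sources:", find_dir_busting(rows))
    print("admin logins:", find_admin_logins(rows))
```

The thresholds are assumptions chosen for the sample; on a real server, tune them against normal 404 rates and add the same user-agent and request-rate fields to the alert.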
A nice, simple introduction to directory busting and enumeration. Other tools are available (dirb, dirbuster, ZAP, Burp Suite, etc.) and, given the chance, this is the box on which to try them out and get familiar with them.