Scribd Logo
Upload

Welcome to Scribd!

  • 7 views

    CEH Lab Archtype

    Uploaded by

    rowen prather
    This document provides a summary of a penetration test performed on the target machine "archtype" on the HTB (Hack The Box) network. The objective was to discover and exploit vulnerabilities to gain administrator privileges. Initially, open ports and running services were scanned. The backups stored on the machine were accessed using smbclient. Then msspl client was used to remotely login. Commands were used to create a stable command shell and connect to the server, granting root access. Recommendations included changing the SMB login to require verification, changing passwords, changing vulnerable services, and decommissioning the machine.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    CEH Lab Archtype

    Uploaded by

    rowen prather
    7 views7 pages
    This document provides a summary of a penetration test performed on the target machine "archtype" on the HTB (Hack The Box) network. The objective was to discover and exploit vulnerabilities to gain administrator privileges. Initially, open ports and running services were scanned. The backups stored on the machine were accessed using smbclient. Then msspl client was used to remotely login. Commands were used to create a stable command shell and connect to the server, granting root access. Recommendations included changing the SMB login to require verification, changing passwords, changing vulnerable services, and decommissioning the machine.

    Original Description:

    Original Title

    CEH lab Archtype

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides a summary of a penetration test performed on the target machine "archtype" on the HTB (Hack The Box) network. The objective was to discover and exploit vulnerabilities to gain administrator privileges. Initially, open ports and running services were scanned. The backups stored on the machine were accessed using smbclient. Then msspl client was used to remotely login. Commands were used to create a stable command shell and connect to the server, granting root access. Recommendations included changing the SMB login to require verification, changing passwords, changing vulnerable services, and decommissioning the machine.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    7 views7 pages

    CEH Lab Archtype

    Uploaded by

    rowen prather
    This document provides a summary of a penetration test performed on the target machine "archtype" on the HTB (Hack The Box) network. The objective was to discover and exploit vulnerabilities to gain administrator privileges. Initially, open ports and running services were scanned. The backups stored on the machine were accessed using smbclient. Then msspl client was used to remotely login. Commands were used to create a stable command shell and connect to the server, granting root access. Recommendations included changing the SMB login to require verification, changing passwords, changing vulnerable services, and decommissioning the machine.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 7

    Week 3 HTB Report Archtype

    Report by Rowen
    Table of Contents
    Pen Test: archtype
    Intro and Objective
    Introduction
    Objective
    Report – high level summary
    High level summary
    Recommendations
    Report – Methodologies
    Introduction and Objective
    Introduction
    This document provides comprehensive and detailed documentation
    outlining the steps taken to penetrate the security and resilience of the target known
    as "archtype." Throughout this guide, we will cover various measures and best
    practices aimed at fortifying the machine against potential vulnerabilities and
    security threats.

    Objective
    The objective of the penetration test is to discover and exploit vulnerabilities
    in the machine with the main target being to gain access to machine and gain
    administrator privileges. However, this is not for malicious purpose as the scope of
    this test is to demonstrate the process used in a concise manner while also
    explaining any steps or best practices to be taken to patch or monitor the associated
    vulnerabilities to secure the target machine.
    Report: High level summery

    Summery
    I was tasked with performing the Pen test against the target on the HTB
    network. The test serves as a simulated attack against this specific machine.
    Initially I scanned the machine to see what ports were open and what was running.
    We can then use smbclient to gain access to the nackups stored on the machine.
    With the password for the account found next was to download msspl client remote
    tool and remote login. Then with a few commands we create a new stable xp cmd
    shell and connect to the server. This grants us root access to the rest of the
    machine.

    Recommendations
    Changing the login so smbclient requires verification might prevent this
    from happening again. Should change password for machine. The services are
    inherently flawed so changing what is running for this machine is super important.
    Main recommendation is to decommission the machine and procure a new one
    with better services that cant be manipulated as easy.
    Report – Methodologies
    First we scan the target
    https://systemweakness.com/archetype-hackthebox-walkthrough-be99a1fba8ea

    You might also like