Bolt HackTheBox
Bolt Machine(10.10.11.114) It was a nice machine with some info leaks in source code of downloadable. And then Exploiting SSTI for foothold and cracking pgp keys for getting root. Recon: strating port scan rustscan -a 10.10.11.114 -u 5000 -- -A we get 3 open ports 22/tcp open ssh syn-ack OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) 80/tcp open http syn-ack nginx 1.18.0 (Ubuntu) |_http-favicon: Unknown favicon MD5: 76362BB7970721417C5F484705E5045D | http-methods: |_ Supported Methods: OPTIONS GET HEAD |_http-server-header: nginx/1.18.0 (Ubuntu) |_http-title: Starter Website - About 443/tcp open ssl/http syn-ack nginx 1.18.0 (Ubuntu) |_http-favicon: Unknown favicon MD5: 82C6406C68D91356C9A729ED456EECF4 | http-methods: |_ Supported Methods: GET HEAD POST |_http-server-header: nginx/1.18.0 (Ubuntu) | http-title: Passbolt | Open source password manager for teams |_Requested resource was /auth/login?redirect=%2F | ssl-cert: Subject: commonN...