HackTheBox Eureka Writeup
A walkthrough of the HackTheBox 'Eureka' machine which is hard rated linux box. This write-up covers initial access, privilege escalation, and post-exploitation techniques.
RECONNAISSANCE
NMAP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
┌──(dollarboysushil㉿kali)-[~/Documents/HTB_BOXES/environment]
└─$ nmap -sC -sV 10.10.11.66
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.12 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 3072 d6:b2:10:42:32:35:4d:c9:ae:bd:3f:1f:58:65:ce:49 (RSA)
| 256 90:11:9d:67:b6:f6:64:d4:df:7f:ed:4a:90:2e:6d:7b (ECDSA)
|_ 256 94:37:d3:42:95:5d:ad:f7:79:73:a6:37:94:45:ad:47 (ED25519)
80/tcp open http nginx 1.18.0 (Ubuntu)
|_http-title: Did not follow redirect to http://furni.htb/
|_http-server-header: nginx/1.18.0 (Ubuntu)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
PORT STATE SERVICE REASON VERSION
8761/tcp open http syn-ack ttl 63 Apache Tomcat (language: en)
|_http-title: Site doesn't have a title.
| http-auth:
| HTTP/1.1 401 \x0D
|_ Basic realm=Realm
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
Active Challenge
This challenge is currently active on HackTheBox.
In accordance with HackTheBox's content policy, this writeup will be made publicly available only after the challenge is retired. This approach maintains the integrity of active challenges while ensuring educational resources are available for learning purposes.
Secured
Content Access Required
Enter the password to unlock the full writeup content
This post is licensed under
CC BY 4.0
by the author.