Keeper_Hack_The_Box_Write_up

In this write-up, we will solve a box on hack the box called Keeper.

General Information

Name :- Keeper
Difficulty :- Easy
OS :- Linux
IP :- 10.10.11.227
Points :- 20

Reconnaissance:

First we ping the IP address to check that we connected properly or not.

Nmap Scan

nmap 10.10.11.227 --open

This open function show’s only open port. In the target machine there are only two ports open: 22 & 80.

After finding open port now we can use our nmap scan for this port.

nmap -sV -sC 10.10.11.227 -p80

paste the ip address any browser. It redirect a web page that page. We got a new subdomain and we add it in our /etc/hosts file.

The following command for edit our /etc/hosts file is:-

sudo nano /etc/hosts

After adding our /etc/hosts file. Now we can visit the domain (tickets.keeper.htb)

We got a Login page and find some jucy data. We got the version of this RT ticket’s. It’s version is RT 4.4.4+dfsg-2ubuntu1 (Debian).

We search RT for tickets default credential’s & try this credential if it works .

Default credential is :- Login as ‘root’ with password as ‘password’……….…. Now we can try this

Ola we get access as a root user. In this page there are a Admin section. Now see anything we can found here.

In this Admin section there is a user section. In this user section there are two option select and create.

In user section there 2 user. 1st user is :- lnorgaard and 2nd user is:- root Now click on lnorgaard user.

After clickin on lnorgaard user we see password.

Now try to login in ssh port. With the initial password.

Ola we got user access. Now try to find user.txt by using command

ls -al

Ola we got user.txt

Thnx for reading this blog. Happy Hacking.