I was trying to install mitm6 (https://github.com/dirkjanm/mitm6) and I kept running into errors when attempting to run it. I kept getting the following error messages. “Bad key pcolormesh.snap in file /usr/share/matplotlib/mpl-data/matplotlibrc” “KeyError: ‘mpl_toolkits.legacy_colorbar’” I didn’t find any relief for the issue looking at the project’s GitHub issues list. I ended up running the following command […]

Cain and Able is long in the tooth currently, but it still comes up some times in learning materials. Running it in Windows 10 can be problematic due to the age of the app and the dependencies. I wanted to get Cain and Able running to use it for walkthroughs for students, so I was […]

This write-up is pretty sloppy. I tried several things, but I didn’t clean it up too well in the write-up. I wasn’t going to post this one, but it’s a good reminder to keep things clean in the future. I had to re-do several steps weeks after to get the write-up completed. Obviously, if this […]

I’ve been quiet for a while on here. There are multiple reasons behind this, but the biggest one is that I went through Offensive Security’s PWK course. I had done quite a bit of research leading up to the PWK, which I think was very helpful because there is a lot of stigma around the […]

So, I haven’t posted anything in a while. I’ve been busy, just not with HTB. I decided to get back into HTB after going through about 25 of TJ_Null’s machines and going through the PWK. I may post about that experience pretty soon. This box was a rough one to break back into. It’s a […]

Next on TJ_Null’s list for me was “Bastard”. 1. Enumeration The first step is enumeration. As always, I started with an nmap scan of the machine. The following ports were opened. 80/tcp – HTTP 135/tcp – msrpc 49154/tcp – msrpc I started by investigating port 80 to see what all could be enumerated. The server […]

In continuing on with TJ_Null’s OSCP-like VMs, I moved on to “Bashed”. 1. Enumeration I started the machine with an nmap. The scan showed the following port as open: 80/tcp – HTTP Since this machine only appeared to have one port open, I decided to use DirSearch against it. 2. Pwning User I checked the […]

In working through @TJ_Null’s HTB OSCP-like VMs, I started with “Arctic”. I also made a point to finish this machine without using metasploit. 1. Enumeration I started with an nmap scan of the box to find out which services are running. The scan showed up that the following ports were open. 135/tcp – msrpc 8500/tcp […]

It has been a while since I have posted anything. This is mainly because I took a break from Hack the Box and invested in 3 months of Virtual Hacking Labs access. Coming into Virtual Hacking Labs I had some light red-team training (GCIH, Some HTB boxes, etc), but I really wanted to focus on […]

  This was my third “easy” box to own on HackTheBox. This box took me the longest so far. I really got hung up at privilege escalation (as you will see below). 1. Enumeration Before I do any enumeration, I edit my “/etc/hosts” file to add the IP of the machine. I named this box […]