Htb [2021]: Axura

nmap -sV -sC -oA axura_nmap 10.10.10.13

The reverse shell provided SYSTEM-level access to the machine. axura htb

💡 Don't trust the rabbit holes. Enumerate deeper, and always check for hidden credentials in config files. nmap -sV -sC -oA axura_nmap 10

Further exploration of the Axis camera application led to the discovery of a credentials file ( credentials.xml ) that contained base64-encoded credentials: axura htb

Just finished rooting on Hack The Box! This box was a fantastic exercise in enumeration and patience. Here is a quick breakdown of the path:

Sign In

Htb [2021]: Axura

Activity