Prior knowledge for penetration testing the Hack the Box machine Celestial

1. Penetration Testing
Wednesday, August 29

2. Quick Information
Join us on Discord - https://discord.gg/M2r4Tg
Firetalks

3. Quick Overview
1. Recon = Finding background information on target without interfacing with the target.
(Since we are doing Hack-the-Box we won’t be doing this)
2. Enumeration = Scanning machines for information; this involves scanning for open ports,
services, things that we can exploit. We want to understand how everything is operating
so we can exploit it
3. Exploitation = The fun part; we will use the information from enumeration to craft an
exploit in order to gain access to something we want but they don’t want access too.
4. Escalation = Once we get access we want to gain more access; Going from a user account
to root in this case
5. Persistence = Being able to get back in case our exploit breaks or they patch the way we
initially broke in
6. Clean up= Leaving no trace we were there ;)

4. Our Target (recon)
Hack the Box = Celestial
● IP Address = 10.10.10.85
● Operating System = Linux
● And … thats about all we know so far

5. Enumeration
● It’s always a good idea to have a scan going in the background
● Two types of scans we will focus on today
○ Network/Service Scanning
■ Nmap
■ Nessus
○ Web server Scanning
■ Gobuster
■ Nikto
■ WPScan (only for wordpress)

6. NMAP Results

7. Exploitation

8. Escalation

9. More Escalation… or is
this called Pivoting?

10. Clean up
● Lets delete anything that might show we were there