3. Quick Overview
1. Recon = Finding background information on the target without interfacing with the target.
(Since we are doing Hack-the-Box we won't be doing this)
2. Enumeration = Scanning machines for information; this involves scanning for open ports,
services, things that we can exploit. We want to understand how everything is operating
so we can exploit it.
3. Exploitation = The fun part; we will use the information from enumeration to craft an
exploit in order to gain access to something we want but they don't want us to have access to.
4. Escalation = Once we get access we want to gain more access; going from a user account
to root in this case
5. Persistence = Being able to get back in case our exploit breaks or they patch the way we
initially broke in
6. Clean up = Leaving no trace we were there ;)
4. Our Target (recon)
Hack the Box = Celestial
- IP Address = 10.10.10.85
- Operating System = Linux
- And … that's about all we know so far
5. Enumeration
- It's always a good idea to have a scan going in the background
- Two types of scans we will focus on today
  - Network/Service Scanning
    - Nmap
    - Nessus
  - Web server Scanning
    - Gobuster
    - Nikto
    - WPScan (only for WordPress)