[HTB] Mango — Write-up (OSWE-Prep)

Mango was a medium difficulty Linux box. Good learning path for:

  • MongoDB — NoSQL Exploit to Brute-force the passwords
  • Permissive SUID Binary Abuse (GTFobins — JJS Exploit)

Initial Recon

Nmap

# nmap -Pn — open -sC -sV -p- -T4 10.10.10.162PORT    STATE SERVICE

--

--

--

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

THORChain Joins Immunefi with $500,000 Bug Bounty

Multigaming 145,000ZQB Token Airdrop

Is it finally time to kill off the VPN?

{UPDATE} Mouse Mayhem Game Pro Hack Free Resources Generator

HOW TO PROTECT YOUR ASSETS FROM HACKERS.

Set Up Google Cloud Armor to Secure your Website

{UPDATE} Gem Blast Match-3 Jewel Crush Hack Free Resources Generator

4 Bad Habits that Threaten Your WordPress Website

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
bigb0ss

bigb0ss

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

More from Medium

The Tools to Scale Your Pentest Firm | Cyver Core

Livestream setup

TFCCTF2021 — AAAAA [Forensic]

Three Key Ransomware Trends in 2022: RaaS, Multiple Extortion, and IABs