HTB Nibbles
This post is a walkthrough of the Hack The Box room Nibbles Intro Nibbles is a fairly simple machine, however with the inclusion of a login blacklist, it is a fair bit more challenging to find valid credentials. Luckily, a username can be enumerated and guessing the correct password does not take long for most. Enumeration NMAP Scan sudo nmap -sVC -T4 -p- -vv -oA nmap/alltcp-ports 10.129.202.224 --open Discovered Ports Discovered open port 80/tcp on 10.129.202.224 Discovered open port 22/tcp on 10.129.202.224 Below we can see the web server is running on a Ubuntu 2.2 Server and using Apache 2.4.18 as the backend for the webserver. ...