HTB: OpenKeyS
This is a writeup about a retired HacktheBox machine:
OpenKeys published on
July 25 2020 by
polarbearer and
GibParadox
This box is classified as a medium machine. This box implies an openBSD box with
a check_auth
exploit.
This is a writeup about a retired HacktheBox machine:
OpenKeys published on
July 25 2020 by
polarbearer and
GibParadox
This box is classified as a medium machine. This box implies an openBSD box with
a check_auth
exploit.
Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel. "A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system." (Source: Red Hat)
The 13th if July a new wild CVE appeared (Yes, Pokemon Go is still a buzz for the moment).
The CVE 2016-6210 allow a user enumeration on an SSH server by comparing request time between non existing user and allowed ones. This vulnerability target OpenSSHD with a version of 7.2p2 or inferior.
That means with a good dictionary you may know which user are present on the server with an SSH access.
This post just demonstrate how to exploit this vulnerability with a simple example.