https://chiefdennis.github.io/tags/script-analysis/Recent content in Script Analysis on Chief Dennis' BlogHugoenSun, 16 Jun 2024 13:07:16 +0100https://chiefdennis.github.io/posts/htb_blurry/Sun, 16 Jun 2024 13:07:16 +0100https://chiefdennis.github.io/posts/htb_blurry/<p><img src="https://chiefdennis.github.io/posts/htb_blurry/Scr_6.png#center" alt="image"></p> <p>The Blurry HTB machine is a medium difficulty level HackTheBox Machine. The main techniques and tools used to crack this machine are:</p> <pre><code>- ClearML - CVE-2024-24590 - Json deserialization - Scipt analysis - Fickling - Python scripting </code></pre> <h2 id="reconnaissance"> Reconnaissance <a class="heading-link" href="#reconnaissance"> <i class="fa-solid fa-link" aria-hidden="true" title="Link to heading"></i> <span class="sr-only">Link to heading</span> </a> </h2> <p>We start a broad Nmap scan by executing the following command:</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-sh" data-lang="sh"><span class="line"><span class="cl">sudo nmap -sS -T5 -vvv -p- 10.10.11.19 -Pn -oG nmap_inicial </span></span></code></pre></div><p>Where the arguments mean:</p>