HTB Bashed WIP writeup

The user flag is pretty straightforward and simple to grab

1. Add to our /etc/hosts file

2. nmap scan

Port 80 so running a webserver

3. Gobuster to enumerate while we poke around

/dev looks interesting

4. Wappalyzer to view technologies being used

5. Let’s check out the /devs directory

phpbash.php file… interesting

6. Click phpbash.php

Interactive shell. Nice

7. Poke around

Profit

8. ??? WIP