Skyfall - HTB
https://app.hackthebox.com/machines/Skyfall
Open ports
Fuzzing for vhosts
This shows it's MinIO, which is cloud object storage.
If you try to visit the MinIO Metrics, it gives you a 403 Forbidden.
To bypass that, we can intercept the request with Burp Suite and add a tab character ("double tab") after the directory path.
That shows us a new domain we can use to communicate with MinIO objects.
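On the defensive side, the trailing-tab request described above leaves a recognisable trace in access logs. The following is an added example, not part of the original writeup: it flags requests whose path carries tab or other control bytes and marks the ones that succeeded on a path that was denied in its plain form. The combined log format, the addresses, the `/metrics` and `/admin` paths and the `\xHH` escaping of raw control bytes are assumptions made for the sample.

```python
import re
from urllib.parse import unquote

# Constructed sample lines (combined log format); addresses and paths are made up.
# Assumption: control bytes are logged percent-encoded or as \xHH escapes.
SAMPLE_LOG = r'''
10.0.0.5 - - [01/Mar/2024:10:00:01 +0000] "GET /metrics HTTP/1.1" 403 153
10.0.0.5 - - [01/Mar/2024:10:00:09 +0000] "GET /metrics%09%09 HTTP/1.1" 200 48211
10.0.0.6 - - [01/Mar/2024:10:00:30 +0000] "GET /metrics\x09\x09 HTTP/1.1" 200 48211
10.0.0.7 - - [01/Mar/2024:10:01:00 +0000] "GET /index.html HTTP/1.1" 200 1024
10.0.0.8 - - [01/Mar/2024:10:02:00 +0000] "GET /admin%0a HTTP/1.1" 404 12
'''

LINE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>.*?) HTTP/[\d.]+" (?P<status>\d{3})')
HEX_ESCAPE = re.compile(r'\\x([0-9A-Fa-f]{2})')

def decode_path(target):
    """Undo \\xHH log escaping and percent-encoding, after dropping the query string."""
    raw = HEX_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), target)
    return unquote(raw.split('?', 1)[0])

def is_control_or_space(ch):
    return ord(ch) <= 0x20 or ord(ch) == 0x7f

def find_whitespace_bypasses(log_text):
    """Return one finding per request whose path carries whitespace/control bytes."""
    rows = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m:
            rows.append((m['ip'], decode_path(m['target']), int(m['status'])))
    # Paths the access rule denied when they were requested in plain form.
    denied = {path for _, path, status in rows if status == 403}
    findings = []
    for ip, path, status in rows:
        if not any(is_control_or_space(c) for c in path):
            continue
        clean = ''.join(c for c in path if not is_control_or_space(c))
        # Success on a path that is otherwise denied means the rule was sidestepped.
        bypass = status < 400 and clean in denied
        findings.append({'ip': ip, 'path': clean, 'status': status,
                         'verdict': 'bypass' if bypass else 'probe'})
    return findings

if __name__ == '__main__':
    for finding in find_whitespace_bypasses(SAMPLE_LOG):
        print(finding)
```

The durable fix is on the proxy side: normalise or reject paths containing control characters before the access rule is evaluated, so the rule and the backend see the same path.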
MinIO is vulnerable to information disclosure; see the link below for more reference.
Now we can download the MinIO Client.
The first thing we need to do is configure the server.
Found many different versions.
What I have done is undo twice, which reverts back twice, then download the backup file.
Downloading all versions and found HashiCorp exports, a new domain + token that is going to help later with authentication.
Now we can log in using the vault tool from HashiCorp, but as per the documentation we need to export VAULT_ADDR to the found domain, then we log in.
Now following this from the HashiCorp documentation:
sudo -l
First, create a new file "debug.log" so that the "-d" flag saves the debug output to that file, then extract the master token used.