📦 HTB - Cap
Simple easy box, perfect to warmup before the FIC 2021 and get more confidence in 1337 h4ck1n9
TL;DR Find PCAP file on server, get SSH credentials, execute code as root with Python.
Footholds I did not even use nmap here, as we had a web server serving on port tcp:80. This website looked like this:
It seems to be a security dashboard for a server, we don’t have any info about that.