The application is vulnerable to a SQL injection, however you need to find a way to bypass the WAF. The payload must also be chunked.

I’ve decided to start making new posts on Challenges I’ve been doing, as a break from the various machines. I’ll be covering at least 5 challenges per post, so without further ado these are the challenges I’ll covering:

I first conducted an nmap scan to see find any open ports and potentially vulnerable services

I’ll start with an nmap scan to see what open ports there are.

Begin by performing a port scan against the machine which reveals ports 22 and 80 as open. The IP address resolves to http://pov.htb

I’ll start by performing a port scan on the machine. There are various ports open, so we’re likely dealing with a domain controller that also has port 80 open resolving to analysis.htb, so I’ll add that to my /etc/hosts file.

Reveals 5 TCP ports open, http/https protocol resolve to nagios.monitored.htb

<img src=../../assets/bizness_assets/1.jpg>