Hack The Box: Tenten




Difficulty: Medium

Machine Creator: ch4p

Tools Used: NMAP WPScan Steghide John

Task: To find User.txt and Root.txt

Network Enumeration

Let’s start with a quick NMAP scan to discover open ports and services.







If we change the number, we get a different job application. Let’s see what all of the titles say. We can do this with a simple bash script.

for i in $(seq 1 20); do echo -n “$i: “; curl -s http://10.10.10.10/index.php/jobs/apply/$i/ | grep ‘<h1 class=”entry-title”>’; done

We need to make a few changes to our script.

for year in range(2017,2018):  for i in range(1,13):  for extension in {‘php’,’html’,’pdf’,’png’,’gif’,’jpg’,’jpeg’}:








Privilege escalation

Now that we user access we need to elevate our permissions to root. Let’s start with getting system information.





fdsaaffdsaf