HackTheBox Silentium Machine Walkthrough
Reconnaissance & Enumeration Doing simple nmap command: nmap -v -sV <MACHINE_IP> The server has 2 ports http and ssh, visit the website I couldn’t get anything useful the only thing is I found 3 leadership users, which may be used to gain access through ssh: I brute-force the domain in order to see I got anything useful: ffuf -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt -u http://silentium.htb -H "Host: FUZZ.silentium.htb" -fs 8753 > result.txt cat result.txt | grep "Status: 200" ...