Hackback
Hackback
Hackback 176
Hackback
RETIRED MACHINE

Hackback

Hackback - Windows Windows
Hackback - Insane Insane

5

MACHINE RATING

430

USER OWNS

410

SYSTEM OWNS

23/02/2019

RELEASED
Created by decoder & yuntao

Machine Synopsis

Hackback is an insane difficulty Windows box with some good techniques at play. A GoPhish website is discovered which leads us to some phishing vhosts. While fuzzing for files a javascript file is discovered which is rot13 encoded. It contains sensitive information about an admin page which leads to RCE vulnerability. PHP disabled_functions are in effect, and so ASPX code is used to tunnel and bypass the firewall. Enumeration of the file system leads to a code injection vulnerability in a configuration file, from which named pipe impersonation can be performed. Enumeration reveals that the user has permissions on a service, which allows for arbitrary writes to the file system. This is exploited to copy a DLL to System32, and triggering it using the DiagHub service to gain a SYSTEM shell.

Machine Matrix

Ready to start your
hacking journey?