Ahmad Naufal Abdurrohman Alfadli

This is my assignment for the Network Penetration Testing subject.

Prepare the Linux Environment

<aside> 💡 We will use Kali Linux in a virtual machine with the network set to NAT mode. Kali ships with many penetration testing tools, so we don’t need to install them one by one.

</aside>

Connect to the CozyHosting Machine

A. Connect to HTB by VPN

<aside> 💡 HTB machines run on private IP addresses, so we cannot reach them unless we connect to the VPN.

</aside>

  1. Connect to HTB → OpenVPN → Download VPN

    1. VPN Access: Singapore → Closer to Indonesia, lower ping, faster data transmission
    2. Protocol: TCP 443 → TCP is a more reliable connection than UDP

  2. Open terminal to run OpenVPN

    sudo openvpn ~/Downloads/lab_naufalalfa.ovpn
    
  3. Make sure the VPN is running. Don’t close the terminal.

  4. Click Connect to the machine

  5. Try to ping the machine's IP address. If it succeeds, then the VPN connection has been successfully established!

Hacking Start!

A. Find all available ports from the machine

  1. We can scan the machine with nmap -sC -sV -T4 -p- 10.10.11.230

    1. -sC → Run default scripts against the target. These scripts may perform various tasks to gather information about the target, including service discovery and vulnerability detection.
    2. -sV → Enables version detection, which attempts to determine the version of the services running on open ports. It can be useful for identifying specific software versions that may have known vulnerabilities.
    3. -T4 → Sets the timing template for the scan. It can be T0 - T5. Higher is faster, but in some cases it may trigger an IDS/firewall.
    4. -p- → Scans all ports
  2. We can conclude that there are 2 open ports

    1. Port 80 → CozyHosting Webserver → We can access the website
    2. Port 22 → Machine SSH → We can access the machine’s shell over SSH
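
The -T4 note above says a fast scan may trigger an IDS/firewall. The sketch below is an added example, not part of the original write-up, showing the defender's side: a sliding-window check that flags a source touching many distinct ports on one host in a short time. The log format, the source addresses 10.10.14.5 and 10.10.14.9, and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def make_sample_log():
    """Constructed connection log: 'timestamp src_ip dst_ip dst_port' per line."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    lines = []
    # Scan-like source (sample address): 200 different ports in about 2 seconds.
    for i in range(200):
        ts = base + timedelta(milliseconds=10 * i)
        lines.append(f"{ts.isoformat(timespec='milliseconds')} 10.10.14.5 10.10.11.230 {i + 1}")
    # Ordinary client (sample address): only ports 80 and 22, once per second.
    for i in range(50):
        ts = base + timedelta(seconds=i)
        port = 80 if i % 5 else 22
        lines.append(f"{ts.isoformat(timespec='milliseconds')} 10.10.14.9 10.10.11.230 {port}")
    return lines

def detect_port_scans(lines, window=timedelta(seconds=5), max_ports=20):
    """Return {(src, dst): peak distinct ports per window} for pairs above max_ports.

    window and max_ports are assumed thresholds, not values from any real IDS.
    """
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, port = line.split()
        events[(src, dst)].append((datetime.fromisoformat(ts), int(port)))
    alerts = {}
    for pair, evs in events.items():
        evs.sort()
        start = 0
        in_window = defaultdict(int)  # port -> hits inside the current window
        for ts, port in evs:
            in_window[port] += 1
            # Drop events that fell out of the sliding window.
            while ts - evs[start][0] > window:
                old_port = evs[start][1]
                in_window[old_port] -= 1
                if in_window[old_port] == 0:
                    del in_window[old_port]
                start += 1
            if len(in_window) > max_ports:
                alerts[pair] = max(alerts.get(pair, 0), len(in_window))
    return alerts

if __name__ == "__main__":
    for (src, dst), peak in detect_port_scans(make_sample_log()).items():
        print(f"possible port scan: {src} -> {dst}, {peak} distinct ports in 5s")
```

Only the scan-like source is reported; the client that keeps to ports 80 and 22 stays under the threshold.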


B. Access the website

  1. Enter 10.10.11.230:80 in the browser. However, we cannot access the site.

    <aside> 💡 This may have happened because our system cannot resolve the site's address through DNS. We can solve this by editing /etc/hosts

    </aside>
