Runner HTB Writeup | HacktheBox | HackerHQ

·

1 min read

Runner HTB Writeup

Introduction

Today, I'll be diving into Runner Writeup, a Windows box on Hack The Box created by Geiseric, to hack it. Throughout this post, I'll detail my journey and share how I successfully breached Runner to retrieve the flags.

Since I'm still honing my skills, I'll occasionally reference the official Runner Walkthrough for guidance. Consider this write-up as more of a personal blog documenting my experience rather than a comprehensive step-by-step guide.

Full Writeup - https://www.hackerhq.tech/2024/04/runner-htb.html

Runner Hacking Phases

Initial Access

  1. Nmap TCP Port Scan

    • Checking for open ports using Nmap.
  1. Web Page Enumeration

    • Exploring and gathering information from web pages.
  1. Directory Bruteforce

    • Attempting to find hidden directories.
  1. Vulnerability Assessment

    • Identifying potential weaknesses and vulnerabilities.
  1. Server-Side Template Injection Exploitation

    • Exploiting server-side template injection vulnerabilities.
  1. User Flag

    • Obtaining the user flag.