Node-Hack The Box Write up w/o Metasploit

Node is an interesting Linux machine that is listed in TJNull’s OSCP like machines.

Lets get started with nmap scanning.

I used nmapAutomater. You can download the tool from the below link

21y4d/nmapAutomator

— — — — — — — — — — -Starting Nmap Quick Scan — — — — — — — — — — -

Starting Nmap 7.80 ( https://nmap.org ) at 2020–10–02 06:42 PDT
Nmap scan report for 10.10.10.58 (10.10.10.58)
Host is up (0.028s latency).
Not shown: 998 filtered ports
Some closed ports may be reported as filtered due to — defeat-rst-ratelimit
PORT STATE SERVICE
22/tcp open ssh
3000/tcp open ppp

Nmap done: 1 IP address (1 host up) scanned in 10.96 seconds

— — — — — — — — — — -Starting Nmap Basic Scan — — — — — — — — — — -

Starting Nmap 7.80 ( https://nmap.org ) at 2020–10–02 06:42 PDT
Nmap scan report for 10.10.10.58 (10.10.10.58)
Host is up (0.026s latency).

PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 dc:5e:34:a6:25:db:43:ec:eb:40:f4:96:7b:8e:d1:da (RSA)
| 256 6c:8e:5e:5f:4f:d5:41:7d:18:95:d1:dc:2e:3f:e5:9c (ECDSA)
|_ 256 d8:78:b8:5d:85:ff:ad:7b:e6:e2:b5:da:1e:52:62:36 (ED25519)
| vulners:
| cpe:/a:openbsd:openssh:7.2p2:
| CVE-2008–3844 9.3 https://vulners.com/cve/CVE-2008–3844
| CVE-2016-8858 7.8 https://vulners.com/cve/CVE-2016-8858
| CVE-2016–6515 7.8 https://vulners.com/cve/CVE-2016-6515
| CVE-2016–10009 7.5 https://vulners.com/cve/CVE-2016-10009
| CVE-2016–10012 7.2 https://vulners.com/cve/CVE-2016-10012
| CVE-2015–8325 7.2 https://vulners.com/cve/CVE-2015-8325
| CVE-2016–10010 6.9 https://vulners.com/cve/CVE-2016-10010
| CVE-2019–6111 5.8 https://vulners.com/cve/CVE-2019-6111
| CVE-2018–15919 5.0 https://vulners.com/cve/CVE-2018-15919
| CVE-2018–15473 5.0 https://vulners.com/cve/CVE-2018-15473
| CVE-2017–15906 5.0 https://vulners.com/cve/CVE-2017-15906
| CVE-2016–10708 5.0 https://vulners.com/cve/CVE-2016-10708
| CVE-2019–16905 4.4 https://vulners.com/cve/CVE-2019-16905…