Hack The Box — Brainfuck Writeup w/o Metasploit

This is the 15th blog out of a series of blogs I will be publishing on retired HTB machines in preparation for the OSCP. The full list of OSCP like machines compiled by TJ_Null can be found here.

Let’s get started!

Reconnaissance

First thing first, we run a quick initial nmap scan to see which ports are open and which services are running on those ports.

nmap -sC -sV -O -oA initial 10.10.10.17

• -sC: run default nmap scripts
• -sV: detect service version
• -O: detect OS
• -oA: output all formats and store in file initial

We get back the following result showing that five ports are open:

• Port 22: running OpenSSH 7.2p2 Ubuntu 4ubuntu2.1
• Port 25: running Postfix smtpd
• Port 110: running Dovecot pop3d
• Ports 143: running Dovecot imapd
• Ports 443: running nginx 1.10.0

Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-25 09:49 EST
Stats: 0:00:14 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 60.00% done; ETC: 09:50 (0:00:04 remaining)
Nmap scan report for 10.10.10.17
Host is…