Today, I’ll be diving into , a Windows box on Hack The Box created by to hack it. Throughout this post, I’ll detail my journey and share how I successfully breached Runner to retrieve the flags.
Since I’m still honing my skills, I’ll occasionally reference the official Runner Walkthrough for guidance. Consider this write-up as more of a personal blog documenting my experience rather than a comprehensive step-by-step guide.
Runner Hacking Phases
Initial Access
Privilege Escalation
Runner Enumeration
To begin, I fired up the Runner machine and connected to the VPN. Afterward, I checked if the box was online by pinging it. Here are the results of the Nmap scan:
It appears to be an Ubuntu system running Nginx. Additionally, the domain linked to the box is Runner.htb.
I also noticed that the SSL certificate is set to Dorset, which made me wonder if TheCyberGeek is from there.
Runner Application Enumeration
After conducting my Nmap scans, I attempted to access the IP address directly in my browser, but it redirected me to the Runner.htb domain.
To ensure proper redirection and access to the application, I added both the domain and IP address to my host file.
Here’s the outcome when I tried to visit the IP address, followed by the command I used to add the domain to my host file. Lastly, you can observe the application I was endeavoring to reach.
Originally published at https://www.hackerhq.tech on April 20, 2024.
