Arctic
Arctic 是一个由 ch4p 创建的 Windows 机器,难度为简单。攻击者通过利用 Adobe ColdFusion 的远程代码执行(RCE)漏洞获取初始访问权限,并使用 JuicyPotato 进行权限提升以获得管理员访问。 2025-9-25 08:19:47 Author: infosecwriteups.com(查看原文) 阅读量:12 收藏

Hack The Box: Machine

Andrew Paul

Press enter or click to view image in full size

© Hack The Box

Details

Release Date: July 28th, 2017
OS: Windows
Difficulty: Easy
Created by: ch4p
Link: https://app.hackthebox.com/machines/Arctic
Soundtrack: Never Enough — Turnstile

Summary

Arctic is an easy-rated Windows machine on Hack The Box created by ch4p. The path to root involves exploiting a Remote Code Execution (RCE) vulnerability in an outdated version of Adobe ColdFusion to gain an initial foothold, followed by a privilege escalation leveraging the SeImpersonatePrivilege with JuicyPotato.

Reconnaissance

Nmap

sudo nmap -Pn -p- -sCV -O -T4 -oA nmap/arctic 10.129.207.19

Output

Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-31 22:46 ADT
Nmap scan report for 10.129.207.19
Host is up (0.082s latency).
Not shown: 65532 filtered tcp ports (no-response)
PORT      STATE SERVICE VERSION
135/tcp   open  msrpc   Microsoft Windows RPC
8500/tcp  open  fmtp?
49154/tcp open  msrpc   Microsoft Windows RPC
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general…

文章来源: https://infosecwriteups.com/arctic-83a0be82fc64?source=rss----7b722bfd1b8d---4
如有侵权请联系:admin#unsafe.sh