Hack The Box – Bitlab

Hello, Here’s how I’ve solved the Bitlab machine on Hack The Box. Gitlab Access As usual we start of with a nmap scan: 1 2 3 4 5 6 7 8 9 10 11 12 root@kali:~# nmap -p- -sV 10.10.10.114 Nmap scan report for 10.10.10.114 Host is up (0.044s latency). Not shown: 65533 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) 80/tcp open http nginx Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 221.44 seconds The scan shows an nginx web server and ssh. If we visit the web server we’ll find a Gitlab instance. Gitlab is used by developers to host their source code. I tried searching for exploits but nothing came up. ...

December 16, 2019 · 4 min · Denis Nuțiu