Shibboleth: HackTheBox Walkthrough

Shubham Kumar
InfoSec Write-ups
Published in
5 min readJan 16, 2022

--

Welcome back! Today we are going to solve another machine from HacktheBox. The box is listed as an easy box. Just add shibboleth.htb in /etc/hosts file and Let’s jump in!

Please Subscribe to e-mail notifications and support me, So that it can motivate me to write more!!!

Port Scanning

During my port scanning process, I first use rustscan to find out the number of open ports quickly …

… and then start a detailed Nmap scan on those open ports. This will save a lot of time.

Web Reconnaissance

So we have only one port open i.e. port 80. Let’s try to enumerate it. I first started a ffuf scan to check if we have any hidden directories or not. Nothing useful as such.

--

--