BLOCKY
- Layout for this exercise:

1 - INTRODUCTION
- The goal of this exercise is to develop a hacking process for the vulnerable machine Blocky, what is a retired machine from the Hack The Box pentesting platform:
https://www.hackthebox.eu/
2 - ENUMERATION
- Blocky's IP is 10.10.10.37:

- Scanning with Nmap:

- Scanning deeper ports 21,22,80 and 8192:

- Dirbusting the web server:

- Using the browser to explore some of those folders, the main page is Under Construction:

- /wp-login:

- /wp-includes:

- /phpmyadmin:

- /plugins:

3 - EXPLOITATION
- From /plugins let's save the file BlockyCore.jar:

- javadecompilers helps us to open and read the content of BlockyCore.jar:

- Uploading BlockyCore.jar:

- Selecting JDCore as decompiler:

- The decompiling process is successful:

- Reading the results online (we could also download the results to the local machine clicking Save):

- So there is an SQL password available for user root, let's store that password:

- Though the password is for an SQL database, let's try to use it to SSH as root, just in case it works.
- Unfortunately the access is denied:

- However the password works for the phpMyAdmin login portal:

- Once having accessed to phpMyAdmin, at the database wordpress there is a user notch:

- Now, credentials notch:8YsqfCTnvxAUeduzjNSXe22 are sucessful to access with SSH:

4 - READING THE 1st FLAG
- Reading user.txt:

5 - PRIVILEGE ESCALATION
- Access to folder /root is denied:

- We are lucky because user notch is a full privilege sudoer:

- Getting a root shell:

6 - READING THE 2nd FLAG
- Reading root.txt:
