Penetration Testing
Wednesday, August 29
Quick Information
Join us on Discord - https://discord.gg/M2r4Tg
Firetalks
Quick Overview
1. Recon = Finding background information on target without interfacing with the target.
(Since we are doing Hack-the-Box we won’t be doing this)
2. Enumeration = Scanning machines for information; this involves scanning for open ports,
services, things that we can exploit. We want to understand how everything is operating
so we can exploit it
3. Exploitation = The fun part; we will use the information from enumeration to craft an
exploit in order to gain access to something we want but they don’t want us to have access to.
4. Escalation = Once we get access we want to gain more access; going from a user account
to root in this case
5. Persistence = Being able to get back in, in case our exploit breaks or they patch the way we
initially broke in
6. Clean up = Leaving no trace we were there ;)
Our Target (recon)
Hack the Box = Celestial
● IP Address = 10.10.10.85
● Operating System = Linux
● And … that’s about all we know so far
Enumeration
● It’s always a good idea to have a scan going in the background
● Two types of scans we will focus on today
○ Network/Service Scanning
■ Nmap
■ Nessus
○ Web server Scanning
■ Gobuster
■ Nikto
■ WPScan (only for WordPress)
NMAP Results
Exploitation
Escalation
More Escalation… or is this called Pivoting?
Clean up
● Let’s delete anything that might show we were there
