HTB - Armageddon without MetaSploit
Intro During this box, I’ll exploit an outdated version of Drupal in order to get an initial shell. This will allow me to discover user credentials on the Drupal DB. Finally, I’ll get privesc thanks to an insecure sudo command (once again). Target HTB - Armageddon Recon A quick look to the box info reveals it’s running Linux. Enum We run our classic nmap scan : sudo nmap -sC -sV -oA scans\armageddon sudo nmap -sC -sV -oA scans/nmap 10.