Bizness User Walkthrough — Hackthebox

Bikram kharal
3 min readJan 23, 2024

--

Hello everyone,It’s me Bikram Kharal here to write a about a easy hackthebox machine called as Bizness.Lets’ start :

Initial Enumeration

First of all i did a simple nmap scan to enumerate all the ports in the box.Here few ports like 22,80,443 seems interesting.

I added https://bizness.htb/ to /etc/hosts in my linux machine.

Enumerating Bizness Website

Visiting the website we found it as a static site.

After directory bruteforcing we got a path called control.

Visiting a /control path showed nothing.I again did recursive fuzzing with control path and got a few paths like:

I tried to visit /control/login and following login page appeared.

After researching I found that the page was of Apache Offbiz framework.I tried searching for vulnerabilities of Apache Offbiz framework and got the recent CVE-2023–51467. After few time i found a exploit in the github.

I tried a netcat command to get a user shell with the above exploit.

And we got our shell in the nc.

Going to /home/ofbiz we got user.txt flag.

This much for today. I will update the Privilege Escalation to root in few days.

Thank you everyone for reading this.

--

--