Documentation Index
Fetch the complete documentation index at: https://hackwithmike.com/llms.txt
Use this file to discover all available pages before exploring further.
Starting the box
Link to the box: https://app.hackthebox.com/machines/eloquia
Port Scan
We start off the box by running a port scan on the provided IP.
rustscan --ulimit 5000 -a 10.129.10.149 -r 1-65535 -- -A -vvv -oN Eloquia
Open 10.129.10.149:80
Open 10.129.10.149:5985
PORT STATE SERVICE REASON VERSION
80/tcp open http syn-ack ttl 127 Microsoft IIS httpd 10.0
|_http-favicon: Unknown favicon MD5: 7487AC79D09DE6E54F3DF799C6B5B14A
|_http-title: Eloquia
|_http-server-header: Microsoft-IIS/10.0
| http-methods:
|_ Supported Methods: GET HEAD OPTIONS
5985/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Microsoft Windows 2019|10 (97%)
OS CPE: cpe:/o:microsoft:windows_server_2019 cpe:/o:microsoft:windows_10
OS fingerprint not ideal because: Missing a closed TCP port so results incomplete
Aggressive OS guesses: Windows Server 2019 (97%), Microsoft Windows 10 1903 - 21H1 (91%)
Edit the Hosts file
As always, we edit the /etc/hosts file to add the hostname:
/etc/hosts
10.129.10.149 eloquia.htb
Active Box
This box is currently still active on Hack the Box - Full writeup will be available when the box is retired. Feel free to reach out to me on
LinkedIn or
Discord for nudges & sanity checks.
