HacktheBox Netmon: Walkthrough


Hey guys, today Netmon retired and this is my write-up. I don't have too much to say about this box; it was a nice, easy Windows box.

Nmap

As always, we will start with nmap to scan for open ports and services:

We have:

  • FTP on port 21 with anonymous login allowed
  • HTTP on port 80 (a web server is running) with PRTG Network Monitor installed
  • some other open ports as well

Let's go and check FTP.

Under Users/Public I got user.txt.

It's very easy. Let's move ahead.

Let's go and check what is up on port 80:

So it's a login page of PRTG Network Monitor.

I tried the default credentials prtgadmin:prtgadmin but they didn't work, and I also tried SQL injection but got nothing.

I did some research on PRTG Network Monitor and found that it saves its credentials in /Programdata/Paessler/PRTG Network Monitor, and the file that contains the creds is PRTG Configuration.dat.

Let's go check there.

I tried to find credentials in every file, but got them from PRTG Configuration.old.bak.

Download the File

Searching for Credentials

Open the file

It's a very big file, so we have to use “Find” to find a particular line. So I tried to search for the default username prtgadmin.

So now we have a password, but this is not the correct password. If you noticed the name of the file, it is “.old.bak”, which means these are old credentials.

[email protected]

Maybe these are last year's creds.

Let's change the year.

[email protected]

Now let's log in.

Now let's search for vulnerabilities.

After searching a little, I found that this is vulnerable to code injection.

Under Setup

Notification

Now we need to create a new notification. To do so, click on Add New Notification.

Now here we can give any command we want to execute.

test.txt; Copy-Item "C:\Users\Administrator\Desktop\root.txt" -Destination "C:\Users\Public\demodemodemo.txt" -Recurse

Now execute the notification.

Let's check the file which we just created.
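A review-side check for the notification parameter field used above, as an added example that is not part of the original write-up or of PRTG itself: it flags parameter strings that chain a second command after the expected argument. The name-to-parameter mapping, the function names and the allow-list are assumptions, and the sample data is constructed.

```python
import re

# Tokens that let a parameter string carry a second command once it is
# placed on a PowerShell or cmd.exe command line.
SEPARATORS = re.compile(r"[;|&`\r\n]|\$\(")

# Assumed policy: a benign parameter is a plain argument made of word
# characters, space, dot, colon, slash, backslash and dash.
ALLOWED = re.compile(r"^[\w .:\\/-]*$")


def audit_parameter(param):
    """Return the reasons a parameter looks unsafe (empty list means clean)."""
    reasons = []
    match = SEPARATORS.search(param)
    if match:
        reasons.append(
            f"command separator {match.group()!r} at offset {match.start()}"
        )
    if not ALLOWED.match(param):
        reasons.append("characters outside the allow-list")
    return reasons


def flagged(notifications):
    """Map each notification name to its findings, skipping clean entries."""
    results = {}
    for name, param in notifications.items():
        reasons = audit_parameter(param)
        if reasons:
            results[name] = reasons
    return results


# Constructed sample data: notification name -> parameter string.
SAMPLES = {
    "Ticket to helpdesk": "ticket-1042.txt",
    "Log to share": r"\\fileserver\logs\prtg.log",
    "demo": 'test.txt; Copy-Item "C:\\Users\\Administrator\\Desktop\\root.txt" '
            '-Destination "C:\\Users\\Public\\demodemodemo.txt" -Recurse',
}

if __name__ == "__main__":
    for name, reasons in flagged(SAMPLES).items():
        print(f"{name}: {'; '.join(reasons)}")
```
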

Happy Hacking…
