Foothold & Privilege Escalation — Optimum (HFS)

Foothold & Privilege Escalation — Optimum (HTB-style)

Author: Angus Dawson
Target: 10.129.245.40 (lab box)
Attacker: 10.10.14.29 (Kali)

Summary: found HFS (HttpFileServer) on port 80, exploited CVE-2014-6287 with Metasploit to get a Meterpreter shell (user), then ran local post-exploit privesc modules and obtained Administrator to capture root.txt.

TL;DR

Recon: nmap showed HttpFileServer httpd 2.3 on port 80.
Vulnerability: CVE-2014-6287 — RCE in Rejetto HttpFileServer (HFS).
Exploit: exploit/windows/http/rejetto_hfs_exec (Metasploit) → Meterpreter → shell → user.txt.
Post-exploit: enumerated privesc modules, iterated until a working local exploit delivered SYSTEM, then captured root.txt.

Reconnaissance

I started with a straightforward service scan to identify active services and versions: ...

October 12, 2025 · 3 min · Angus Dawson

Cap — HackTheBox Writeup

IDOR → PCAP recovery of credentials → SSH user shell → Linux file capabilities (getcap) → root via python3.8 capability.

September 18, 2025 · 2 min · Basil9099