HackTheBox - Keeper

Easy Linux box featuring KeePass vulnerability and credential extraction

Tags: htb, linux, keepass, cve

HackTheBox - Keeper Writeup

Machine Info

  • Platform: HackTheBox
  • Difficulty: Easy
  • OS: Linux
  • Skills: Web enumeration, credential exploitation, KeePass CVE

Enumeration

Started with an nmap scan:

nmap -sC -sV -oA keeper 10.10.11.227

Discovered:

  • Port 22 (SSH)
  • Port 80 (HTTP)

Initial Access

Found default credentials in the Request Tracker installation:

  • Username: root
  • Password: password

Privilege Escalation

Discovered a KeePass database and a memory dump. Used CVE-2023-32784 to extract the master password from the memory dump.

Flags

  • User Flag: a7d8f************************
  • Root Flag: b9e4c************************

Key Takeaways

  • Always check for default credentials
  • KeePass memory dumps can leak passwords
  • Keep software updated to patch vulnerabilities
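
For the defensive side of the second takeaway, the following added example (not part of the original writeup) audits a directory tree for the condition found on this box: a KeePass database stored next to a memory dump. It identifies files by header bytes rather than extension; the function names, the sample tree and the assumption that the dump is a Windows minidump are illustrative.

```python
import os
import tempfile

# Assumption: dump is a Windows minidump; raw images carry no signature.
KDBX_MAGIC = bytes.fromhex("03d9a29a67fb4bb5")  # KeePass 2.x database header
MINIDUMP_MAGIC = b"MDMP"

def classify(path):
    """Return 'kdbx', 'minidump' or None from the file's leading bytes."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(8)
    except OSError:
        return None  # unreadable: skip rather than abort the audit
    if head == KDBX_MAGIC:
        return "kdbx"
    return "minidump" if head[:4] == MINIDUMP_MAGIC else None

def audit(root):
    """Return (dir, databases, dumps) per directory holding both file types."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        kinds = {"kdbx": [], "minidump": []}
        for name in sorted(files):
            kind = classify(os.path.join(dirpath, name))
            if kind:
                kinds[kind].append(name)
        if kinds["kdbx"] and kinds["minidump"]:
            findings.append((dirpath, kinds["kdbx"], kinds["minidump"]))
    return findings

def build_sample_tree():
    """Constructed sample data: file headers only, no real secrets."""
    root = tempfile.mkdtemp(prefix="keeper_audit_")
    layout = {
        "home/alice/vault.bin": KDBX_MAGIC + b"\x00" * 16,    # renamed database
        "home/alice/crash.dat": MINIDUMP_MAGIC + b"\x00" * 28,
        "home/bob/passwords.kdbx": KDBX_MAGIC + b"\x00" * 16,  # alone: not flagged
        "tmp/notes.dmp": b"plain text, not a dump",
    }
    for rel, data in layout.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    print(audit(build_sample_tree()))
```

Any directory it reports should have the dump deleted and the database's master password rotated, since the dump may already have been copied.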