Latest Write-ups

HackTheBox - Mailing

Enumeration

Starting with a comprehensive nmap scan:

    sudo nmap -sS -sC -A 10.10.11.14 -T4 -oN first.scan -p-

Key Findings

The scan reveals a Windows server running hMailServer with multiple mail-related services:

Port 25/587: SMTP (hMailServer)
Port 80: HTTP (Microsoft IIS 10.0) - redirects to mailing.htb
Port 110: POP3 (hMailServer)
Port 143/993: IMAP (hMailServer)
Port 445: SMB
Port 465: SSL/SMTP
Port 5985: WinRM

Domain identified: mailing.htb

Web Enumeration

Local File Inclusion Discovery

When downloading a PDF from the website, the URL structure reveals a potential LFI vulnerability:
