update post

m0nkeyh4ck · Nov 11, 2023 · 928e84d · 928e84d
1 parent d2887e1
commit 928e84d
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/_posts/2023-11-10-broker.md b/_posts/2023-11-10-broker.md
@@ -22,15 +22,18 @@ mkdir broker
 cd broker
 mkdir nmap content exploit
 ```
+{: .nolineno}
+
 ### nmap
 
 ```bash
 sudo nmap -p- --open -sS --min-rate 5000 -Pn -n -sCV 10.10.11.243 -oN version-port
 ```
+{: .nolineno}
 
 ### version-port
 
-```bash
+```ruby
 Nmap scan report for 10.10.11.243
 Host is up (0.092s latency).
 Not shown: 65465 closed tcp ports (reset), 59 filtered tcp ports (no-response)
@@ -167,6 +170,8 @@ SF:5MaxInactivityDuration\x06\0\0\0\0\0\0u0\0\x20MaxInactivityDurationInit
 SF:alDelay\x06\0\0\0\0\0\0'\x10\0\x0fProviderVersion\t\0\x075\.15\.15");
 Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
 ```
+{: .nolineno}
+
 
 - 22: ssh
 	+ OpenSSH 8.9p1 Ubuntu 3ubuntu0.4 (Ubuntu Linux; protocol 2.0)
@@ -195,6 +200,7 @@ reconocimiento con whatweb y wappalyzer
 ```bash
 whatweb 10.10.11.243
 ```
+{: .nolineno}
 
 ### whatweb
 
@@ -235,6 +241,8 @@ Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting
 Apache ActiveMQ 5.x-5.11.1 - Directory Traversal Shell Upload (Metasploit)                   | windows/remote/48181.rb
 --------------------------------------------------------------------------------------------- ---------------------------------
 ```
+{: .nolineno}
+
 MMMM no veo el típico script en python que nos saca de apuros, intentemos desde google
 
 ![](htb-writeup-broker/sploit1.png)
@@ -260,6 +268,7 @@ python exploit.py -i <target-ip> -p <target-port> -u <url-to-poc.xml>
 python exploit.py -i <target-ip> -u <url-to-poc.xml>
 ```
 
+
 ![](htb-writeup-broker/sploit4.png)
 
 ### tratamiento de la tty