Jerry?!

Well, what to say about Jerry?

My first box, Jerry, is a fairly easy jaunt into the world of Hack The Box. (Total time including researching and learning/downtime approx. 43 hours.) At first glance we notice a lot of things that we can learn from this experience and use going forward.

Steps:
I performed initial recon into the box using Sparta. This can be done manually also. (Resources I used: NMAP Cheat Sheet)

Seeing that there is an open port at 8080, I went to investigate; it’s an Apache Tomcat server.

Going into Tomcat, I tried to enter into the system information, but got nowhere, so I pulled up the documentation and saw a password listed. Could they have used the OOTB password?
Yes, yes they did: tomcat/s3cret.
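From the defender's side, the finding above is a `tomcat-users.xml` that still carries the documentation's sample login on an account with a Manager role. The following audit script is an added example, not part of the original write-up; the sample config and the `audit_tomcat_users` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Credential pairs published in documentation or sample configs.
# ("tomcat", "s3cret") is the pair from this write-up; extend as needed.
KNOWN_SAMPLE_CREDS = {("tomcat", "s3cret")}

# Roles that unlock the Manager / Host Manager applications.
ADMIN_ROLE_PREFIXES = ("manager-", "admin-")

# Constructed sample input, not taken from the target box.
SAMPLE_CONFIG = """<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-gui"/>
  <user username="tomcat" password="s3cret" roles="manager-gui, manager-script"/>
  <user username="deploy" password="constructed-long-random-value" roles="manager-script"/>
  <user username="viewer" password="s3cret" roles="readonly"/>
  <user username="ops" password="" roles="admin-gui"/>
</tomcat-users>"""


def _local(tag):
    """Strip the XML namespace so <user> matches with or without xmlns."""
    return tag.rsplit("}", 1)[-1]


def audit_tomcat_users(xml_text, known=KNOWN_SAMPLE_CREDS):
    """Return one finding per admin-capable account with a sample or empty password."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if _local(el.tag) != "user":
            continue
        user = el.get("username", "")
        password = el.get("password", "")
        roles = [r.strip() for r in el.get("roles", "").split(",") if r.strip()]
        admin_roles = [r for r in roles if r.startswith(ADMIN_ROLE_PREFIXES)]
        if not admin_roles:
            continue  # no Manager access, so not the exposure described here
        if (user, password) in known:
            reason = "documented sample credentials"
        elif not password:
            reason = "empty password"
        else:
            continue
        findings.append({"user": user, "reason": reason, "roles": admin_roles})
    return findings


if __name__ == "__main__":
    for f in audit_tomcat_users(SAMPLE_CONFIG):
        print(f"{f['user']}: {f['reason']} with {', '.join(f['roles'])}")
```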

Using these credentials, I then logged into Jerry’s Tomcat server instance and poked around a bit. I then researched how to log into Windows from Tomcat, and got a LOT of information. So knowing what to do, just not how to do it, getting in required a lot of research.

How I did it:
Using MSFVenom I was able to build a payload as a .war file and upload it to the server, but I kept getting errors. So I went back to square one.

If at first you don’t succeed, try, try again.

I used netcat to open up a reverse shell in one terminal, and a bind shell in another terminal instance. This worked!
(Hackingtutorials.org)

So then I went back to square one with MSFVenom and Metasploit.
(How to use MSFVenom)

I was able to create a proper payload using this information and connected via MSFConsole. Voilà! Instant access!

Impressions:

This was a really easy box after messing around with different ways to get in. Once you know how to do what you want, it’s easy to acquire. I will definitely try other boxes in the future.