<feed xmlns="http://www.w3.org/2005/Atom"> <id>https://lewiskb.github.io/</id><title>LewisKB</title><subtitle>A minimal, responsive and feature-rich Jekyll theme for technical writing.</subtitle> <updated>2026-07-05T17:39:26+01:00</updated> <author> <name>Mark Lewis</name> <uri>https://lewiskb.github.io/</uri> </author><link rel="self" type="application/atom+xml" href="https://lewiskb.github.io/feed.xml"/><link rel="alternate" type="text/html" hreflang="en" href="https://lewiskb.github.io/"/> <generator uri="https://jekyllrb.com/" version="4.4.1">Jekyll</generator> <rights> © 2026 Mark Lewis </rights> <icon>/assets/img/favicons/favicon.ico</icon> <logo>/assets/img/favicons/favicon-96x96.png</logo> <entry><title>Cobblestone - Insane - Linux</title><link href="https://lewiskb.github.io/posts/Cobblestone-Insane/" rel="alternate" type="text/html" title="Cobblestone - Insane - Linux" /><published>2025-08-09T00:00:00+01:00</published> <updated>2025-08-09T00:00:00+01:00</updated> <id>https://lewiskb.github.io/posts/Cobblestone-Insane/</id> <content type="text/html" src="https://lewiskb.github.io/posts/Cobblestone-Insane/" /> <author> <name>Mark Lewis</name> </author> <category term="CTF - HackTheBox" /> <summary>Port Scan The port scan discovered two services, a web server and SSH. The headers also discover hostname of cobblestone.htb which was added to the hosts file. Nothing else of interest. # Nmap 7.95 scan initiated Sat Aug 9 18:09:35 2025 as: /usr/lib/nmap/nmap -sCV -p- -v -oN portscan.log 10.129.54.140 Nmap scan report for 10.129.54.140 Host is up (0.034s latency). Not shown: 65533 closed tcp...</summary> </entry> <entry><title>Fluffy - Easy - Windows</title><link href="https://lewiskb.github.io/posts/Fluffy-Easy/" rel="alternate" type="text/html" title="Fluffy - Easy - Windows" /><published>2025-08-02T00:00:00+01:00</published> <updated>2025-08-02T00:00:00+01:00</updated> <id>https://lewiskb.github.io/posts/Fluffy-Easy/</id> <content type="text/html" src="https://lewiskb.github.io/posts/Fluffy-Easy/" /> <author> <name>Mark Lewis</name> </author> <category term="CTF - HackTheBox" /> <summary>Starting Credentials As is common in real life Windows pentests, you will start the Fluffy box with credentials for the following account: j.fleischman / J0elTHEM4n1990! Nmap Scan The port scan discovered a Windows domain controller which has the typical services active. # Nmap 7.95 scan initiated Sat May 24 16:41:34 2025 as: /usr/lib/nmap/nmap -sCV -p- -v -oT portscan.log 10.10.11.69 Fail...</summary> </entry> <entry><title>Editor - Easy - Linux</title><link href="https://lewiskb.github.io/posts/Editor-Easy/" rel="alternate" type="text/html" title="Editor - Easy - Linux" /><published>2025-08-02T00:00:00+01:00</published> <updated>2025-08-02T00:00:00+01:00</updated> <id>https://lewiskb.github.io/posts/Editor-Easy/</id> <content type="text/html" src="https://lewiskb.github.io/posts/Editor-Easy/" /> <author> <name>Mark Lewis</name> </author> <category term="CTF - HackTheBox" /> <summary>Port Scan The port scan shows that SSH is active on the machine. There are also two web servers active. The headers suggest a web application called XWiki is being hosted. # Nmap 7.95 scan initiated Sat Aug 2 16:38:29 2025 as: /usr/lib/nmap/nmap -sCV -p- -v -oN portscan.log 10.129.88.163 Nmap scan report for 10.129.88.163 Host is up (0.032s latency). Not shown: 65532 closed tcp ports (reset)...</summary> </entry> <entry><title>Outbound - Easy - Linux</title><link href="https://lewiskb.github.io/posts/Outbound-Easy/" rel="alternate" type="text/html" title="Outbound - Easy - Linux" /><published>2025-07-12T00:00:00+01:00</published> <updated>2025-07-12T00:00:00+01:00</updated> <id>https://lewiskb.github.io/posts/Outbound-Easy/</id> <content type="text/html" src="https://lewiskb.github.io/posts/Outbound-Easy/" /> <author> <name>Mark Lewis</name> </author> <category term="CTF - HackTheBox" /> <summary>Discovered Credentials As is common in real life pentests, you will start the Outbound box with credentials for the following account tyler / LhKL1o9Nm3X2 Port Scan The port scan discovered SSH and a web server. A virtual host of mail.outbound.htb is also discovered. # Nmap 7.95 scan initiated Sat Jul 12 22:58:38 2025 as: /usr/lib/nmap/nmap -sCV -p- -v -oN portscan.log 10.10.11.77 Nmap sca...</summary> </entry> <entry><title>Voleur - Medium - Windows</title><link href="https://lewiskb.github.io/posts/Voleur-Medium/" rel="alternate" type="text/html" title="Voleur - Medium - Windows" /><published>2025-07-05T00:00:00+01:00</published> <updated>2025-07-05T00:00:00+01:00</updated> <id>https://lewiskb.github.io/posts/Voleur-Medium/</id> <content type="text/html" src="https://lewiskb.github.io/posts/Voleur-Medium/" /> <author> <name>Mark Lewis</name> </author> <category term="CTF - HackTheBox" /> <summary>Starting Credentials The author of the challenge has provided a set of starting credentials. As is common in real life Windows pentests, you will start the Voleur box with credentials for the following account: ryan.naylor / HollowOct31Nyt Nmap Scan The port scan discovered a domain controller. No web service is active. SSH is active on port 2222. # Nmap 7.95 scan initiated Mon Jul 7 20:...</summary> </entry> </feed>
