# Environment

<figure><img src="/files/iH1e2J04zRyA5AcqdyGl" alt="" width="563"><figcaption></figcaption></figure>

<https://app.hackthebox.com/machines/Environment>

***

## Enumeración

```bash
sudo nmap -p- -sS --min-rate 5000 -n -Pn -vv 10.10.11.67 -oA allPorts
```

```
PORT      STATE    SERVICE REASON
22/tcp    open     ssh     syn-ack ttl 63
80/tcp    open     http    syn-ack ttl 63
32658/tcp filtered unknown no-response
33213/tcp filtered unknown no-response
```

```bash
nmap -p 22,80 -sCV -Pn -n -vv 10.10.11.67 -oA allPortsServicesVersion
```

```
PORT      STATE  SERVICE REASON         VERSION
22/tcp    open   ssh     syn-ack ttl 63 OpenSSH 9.2p1 Debian 2+deb12u5 (protocol 2.0)
| ssh-hostkey: 
|   256 5c:02:33:95:ef:44:e2:80:cd:3a:96:02:23:f1:92:64 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGrihP7aP61ww7KrHUutuC/GKOyHifRmeM070LMF7b6vguneFJ3dokS/UwZxcp+H82U2LL+patf3wEpLZz1oZdQ=
|   256 1f:3d:c2:19:55:28:a1:77:59:51:48:10:c4:4b:74:ab (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ7xeTjQWBwI6WERkd6C7qIKOCnXxGGtesEDTnFtL2f2
80/tcp    open   http    syn-ack ttl 63 nginx 1.22.1
|_http-title: Did not follow redirect to http://environment.htb
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: nginx/1.22.1
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
```

<http://environment.htb/>

```bash
ffuf -u http://environment.htb/FUZZ -w /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -c -ic -t 80
```

```
login                   [Status: 200, Size: 2391, Words: 532, Lines: 55, Duration: 639ms]
storage                 [Status: 301, Size: 169, Words: 5, Lines: 8, Duration: 172ms]
upload                  [Status: 405, Size: 244869, Words: 46159, Lines: 2576, Duration: 969ms]
up                      [Status: 200, Size: 2125, Words: 745, Lines: 51, Duration: 908ms]
logout                  [Status: 302, Size: 358, Words: 60, Lines: 12, Duration: 912ms]
vendor                  [Status: 301, Size: 169, Words: 5, Lines: 8, Duration: 168ms]
build                   [Status: 301, Size: 169, Words: 5, Lines: 8, Duration: 166ms]
mailing                 [Status: 405, Size: 244871, Words: 46159, Lines: 2576, Duration: 1141ms]
```

<figure><img src="/files/o2YdJavKEJktflJu9GBF" alt=""><figcaption></figcaption></figure>

Laravel 11.30.0

Googlear `laravel 11.30.0 exploit`


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://estebanzarate.gitbook.io/hackache/hack-the-box/machines/environment.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.