Appointment Starting Point HackTheBox Writeup.

Appointment Starting Point HackTheBox Writeup

Appointment is a very good lab to practice for Databases related security isssues. So in this writeup[walkthrough] we are going to exploit this challenge.

Appointment Starting Point HackTheBox Writeup
Appointment Starting Point HackTheBox Writeup

First of all check for the services running on the using nmap as given below

Here is the useful information from the scan result.

Here port is open and is running which means that a website is running on the machine so lets go the the website by typing of the Appointment Challenge in your favourite browser.

Now let’s solve the Tasks

Simple google and you will get the answer for Task 1

If you have seen any article or video by any cybersecurity professional must have heard of is a great issue.

If you don’t know about then it is any information that can uniquely identify any person/individual .

Simple googling brings us to

As you can see from our scan results

As we know standard port used by is

Appointment Starting Point HackTheBox Writeup website by @wesecure1337

Copy and paste the in your favourite browser, you can see in the browser it is a login page which is asking for the and . Now whenever I see anything the first thing comes in my mind is to check for the and/or if you want to make it easy, first check for and sometime works on luck.

is used in the case when we used computer for normal use like I have some related pdfs in my folder but in the case of is used instead of

Just simple google you will get the result.

If you haven’t installed yet go and install it. Just type in terminal

As you can see the commands

It clearly says that to search for we have to specify . This leads to our Task 10

In most of the languages is used to comment out parts out the code, meaning that any written after in the line is not considered to a code but only for the developers to understand what is the purpose of the code.

Go back in the browser where you have pasted the the ip address of the the challenge and enter as and as to check how the application is behaving. Nothing happens means our combination is not correct so lets try some simple

Enter in the field and in the field. You will be logged in and the screen displays the flag for this Appointment challenge.

Appointment Starting Point HackTheBox Writeup Flag

Voila!!! We have successfully hacked the Appointment by HacktheBox. If you enjoyed reading walkthrough[writeup] and excited then do checkout our other walkthroughs.

Let’s get connected


If you want to appreciate and support my work here you go…

Thanks for Reading!!!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store