In this article, we will delve into how to leverage advanced AI tools for ethical hacking and penetration testing. Specifically, we’ll explore the step-by-step process of hacking the Hack The Box machine, “Jarvis,” using a specialized AI model called White Rabbit Neo AI.
Please note that all the activities discussed here are performed in a controlled lab environment for educational purposes only.
Table of Contents
- Introduction to White Rabbit Neo AI
- Understanding the Hack The Box Environment
- Step 1: Initial Reconnaissance with Nmap
- Step 2: Exploring Port 80 and the Web Application
- Step 3: Directory Brute Force Attack
- Step 4: Detecting SQL Injection Vulnerabilities
- Step 5: Automating SQL Injection with SQLMap
- Step 6: Enumerating the Database
- Step 7: Exploiting Vulnerabilities in PHPMyAdmin
- Step 8: Achieving Remote Code Execution and Reverse Shell
- Key Takeaways and Conclusion
1. Introduction to White Rabbit Neo AI
White Rabbit Neo AI is an AI tool built on top of the Llama language model, specifically trained to assist with hacking, penetration testing, and cybersecurity-related tasks. Unlike general-purpose AI models like ChatGPT, White Rabbit Neo AI is designed to provide guidance without any censorship, making it ideal for ethical hackers and cybersecurity professionals.
This AI model allows you to ask questions related to penetration testing, and it provides actionable answers and command examples. Throughout this guide, we will use White Rabbit Neo AI as our “co-pilot” to hack the Hack The Box machine “Jarvis.”
2. Understanding the Hack The Box Environment
Hack The Box (HTB) is an online platform that offers a variety of machines and challenges for ethical hackers to practice their skills. In this tutorial, we’re focusing on the machine named “Jarvis.” HTB is a controlled environment, and the hacking of these machines is purely for educational and testing purposes.
3. Step 1: Initial Reconnaissance with Nmap
To begin hacking “Jarvis,” we first perform an initial reconnaissance to gather information about the target. The AI suggested using Nmap, a popular network scanning tool. Here’s the command provided by White Rabbit Neo AI:
Explanation:
- -p-: Scans all ports.
- -sV: Detects the version of the services running on the open ports.
- -sC: Runs default scripts against the discovered services.
The Nmap scan results revealed three open ports:
- 22/tcp – SSH
- 80/tcp – HTTP
- 64999/tcp – Unknown Service
4. Step 2: Exploring Port 80 and the Web Application
After discovering the open ports, we decided to investigate the HTTP service on port 80. Visiting the IP address in a web browser, we discovered a hotel booking system named “Stark Hotel.” White Rabbit Neo AI suggested inspecting the website’s functionalities and looking for any potential vulnerabilities.
Interestingly, the AI already had some knowledge of the target environment. This is because White Rabbit Neo AI has been trained on publicly available data from various walkthroughs on the internet.
5. Step 3: Directory Brute Force Attack
To find hidden directories and files on the web server, White Rabbit Neo AI recommended running a directory brute force attack using a tool like Gobuster. The AI provided the following command:
We ran the Gobuster command and started exploring the website manually.
Here are the results we got from Gobuster.
6. Step 4: Detecting SQL Injection Vulnerabilities
During the manual exploration, we noticed a parameter in the URL (room.php?cod=3) when clicking the “Book Now” button. This URL structure suggested a potential SQL Injection vulnerability since it appeared to retrieve data based on a room ID.
Using Firefox Developer Tools, we inspected the network requests and noticed that altering the cod parameter changed the retrieved data. This indicated a possible vulnerability in the parameter that could be exploited.
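The root cause behind a numeric parameter like cod being injectable, and the fix, shown as an added example that is not code from the original article or from the target application. It assumes an in-memory SQLite database standing in for the MySQL backend; the table layout, room names and function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed stand-in for the hotel database (schema and rows are assumptions).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE room (cod INTEGER PRIMARY KEY, name TEXT, price INTEGER)")
    conn.executemany("INSERT INTO room VALUES (?, ?, ?)",
                     [(1, "Family Room", 270), (2, "Suite", 400), (3, "Double Room", 180)])
    return conn

def room_vulnerable(conn, cod):
    # Weak pattern: the raw URL value is concatenated into the statement,
    # so whatever the client sends is parsed as SQL.
    return conn.execute(
        "SELECT cod, name, price FROM room WHERE cod = " + cod).fetchall()

def room_hardened(conn, cod):
    # 1) Allow-list: a room id is a short run of ASCII digits and nothing else.
    if not (cod.isascii() and cod.isdigit() and len(cod) <= 6):
        raise ValueError("cod must be a numeric room id")
    # 2) Bound parameter: the value travels separately and is never parsed as SQL.
    return conn.execute(
        "SELECT cod, name, price FROM room WHERE cod = ?", (int(cod),)).fetchall()

if __name__ == "__main__":
    db = make_db()
    tampered = "3 OR 1=1"  # constructed non-numeric value
    print(len(room_vulnerable(db, "3")), len(room_vulnerable(db, tampered)))
    print(room_hardened(db, "3"))
    try:
        room_hardened(db, tampered)
    except ValueError as exc:
        print("rejected:", exc)
```

Either control alone closes this particular hole; applying both means a later change to one of them does not reopen it.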
7. Step 5: Automating SQL Injection with SQLMap
Here is the question we asked White Rabbit Neo AI:
White Rabbit Neo AI confirmed the possibility of an SQL Injection vulnerability and suggested using SQLMap, a powerful tool for automating the detection and exploitation of SQL injection flaws. The AI provided the following command:
SQLMap quickly identified the cod parameter as vulnerable to SQL injection, revealing that the backend DBMS was MySQL.
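From the defender's side, both the directory brute force in Step 3 and the automated SQL injection testing here leave clear traces in the web server's access log. The following added example (not part of the original article) scans constructed combined-format log lines for three signals: default scanner user agents, a burst of 404 responses from one client, and a cod value that is not purely numeric. The log lines, addresses, threshold and function name are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format); addresses, paths and
# agent strings are sample data, not taken from the target.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /admin HTTP/1.1" 404 153 "-" "gobuster/3.6"
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /backup HTTP/1.1" 404 153 "-" "gobuster/3.6"
192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "GET /test HTTP/1.1" 404 153 "-" "gobuster/3.6"
192.0.2.10 - - [01/Jan/2024:10:05:09 +0000] "GET /room.php?cod=3%27 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.0.2.10 - - [01/Jan/2024:10:06:30 +0000] "GET /room.php?cod=3 HTTP/1.1" 200 6204 "-" "sqlmap/1.7#stable (https://sqlmap.org)"
192.0.2.20 - - [01/Jan/2024:10:07:00 +0000] "GET /room.php?cod=2 HTTP/1.1" 200 6180 "-" "Mozilla/5.0"
192.0.2.20 - - [01/Jan/2024:10:07:01 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "-" "Mozilla/5.0"
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"')
SCANNER_AGENTS = ("sqlmap", "gobuster")  # default agent strings; trivially changed

def analyse(log_text, not_found_threshold=3):
    """Return sorted (client, reason) pairs for suspicious activity."""
    findings, not_found = set(), Counter()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        ip, target, status, agent = m.groups()
        if any(name in agent.lower() for name in SCANNER_AGENTS):
            findings.add((ip, "scanner-user-agent"))
        if status == "404":
            not_found[ip] += 1  # many misses from one client: directory brute force
        url = urlsplit(target)
        if url.path.endswith("/room.php"):
            # A room id should only ever be ASCII digits.
            for value in parse_qs(url.query, keep_blank_values=True).get("cod", []):
                if not (value.isascii() and value.isdigit()):
                    findings.add((ip, "non-numeric-cod"))
    findings.update((ip, "404-burst") for ip, n in not_found.items()
                    if n >= not_found_threshold)
    return sorted(findings)

if __name__ == "__main__":
    for ip, reason in analyse(SAMPLE_LOG):
        print(ip, reason)
```

The user-agent match is the weakest of the three signals because the string is client-controlled; the 404 rate and the parameter check still fire when it is changed.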
The AI then guided us on how to enumerate the database and extract useful information.
We sent this response back to the AI and asked:
Here’s the command provided by White Rabbit Neo AI:
8. Step 6: Enumerating the Database
Following the AI’s instructions, we used SQLMap to enumerate the available databases. We discovered the following databases:
- hotel
- information_schema
- MySQL
- performance_schema
With the database names in hand, we followed the AI’s guidance and successfully dumped the database.
The MySQL database contained a table named user with potential user credentials. Dumping this table revealed a password hash for the username DB admin, which SQLMap cracked, revealing the password as imissyou.
9. Step 7: Exploiting Vulnerabilities in PHPMyAdmin
Armed with the credentials (admin and imissyou), we logged into the PHPMyAdmin portal discovered earlier. The portal was running PHPMyAdmin version 4.8.0, which is known to have a Remote Code Execution (RCE) vulnerability.
10. Step 8: Achieving Remote Code Execution and Reverse Shell
We executed the RCE exploit, successfully gaining the ability to run remote commands. The AI then provided a bash reverse shell payload that we used to establish a reverse shell connection to our machine. After starting a Netcat listener, we executed the payload, and Hooooooray, we gained access as the user www-data on the target machine.
11. Key Takeaways and Conclusion
Using AI models like White Rabbit Neo AI for ethical hacking is a game-changer. This AI tool provides step-by-step guidance for various hacking tasks, streamlining the process and saving valuable time for penetration testers. While AI-assisted hacking poses risks if misused, it offers immense benefits for cybersecurity professionals by enhancing efficiency and effectiveness.