HTB: Keeper - OSCP Prep Write-up
Default credentials and a comment field that should never have held a password - two very human mistakes that open the door all the way to root. Machine info Name Keeper Platform HackTheBox OS Linux Difficulty Easy TL;DR Web server redirects to tickets.keeper.htb running Request Tracker (RT) - default credentials (root:password) work A user profile comment reads “Initial password set to Welcome2023!” - SSH access as lnorgaard Home directory contains RT30000.zip with a KeePass dump and .kdbx file keepass_dump recovers a partial master password; context clues complete it KeePass vault holds a PuTTY SSH key for root - convert and log in Recon Nmap 1 nmap -sV -sC -Pn -A 10.129.229.41 ...