
Enumeration

  • SSH [22]
  • HTTP [80]

DESCRIPTION:

Enumeration


Enumeration

  • SSH
  • DNS
  • POP3 / IMAP
  • HTTP

Steps to hack

  1. Get the hint on the Apache default page.
  2. Enumerate users using WPScan on the WordPress site.
  3. Brute-force the login to find the password.
  4. Log in and upload the reverse shell.
  5. Once inside, look around the home directory.
  6. Find the root password and become root.

  • Level: Beginner-Intermediate
  • flags: user.txt and root.txt
  • Description: The machine is compatible with both VirtualBox and VMware. DHCP will assign an IP automatically, and you'll see the IP right on the login screen. You have to find and read two flags (user and root), which are present in user.txt and root.txt respectively.
  • Format: Virtual Machine (Virtualbox — OVA)
  • Operating System: Linux

Enumeration


Enumeration

only one service is running

Enumeration


Enumeration


  • Name: symfonos: 4
  • Difficulty: Intermediate
  • Tested: VirtualBox
  • DHCP Enabled

Steps

  1. Port scanning with Nmap.
  2. Gobuster on port 80 turns up some directories and files.
  3. Use SQLi to bypass the authentication.
  4. There is an LFI; use it to get RCE.
  5. Port-forward the remote port to access the web application.
  6. Python deserialization to RCE -> Root

Enumeration


Enumeration

  • 21
  • 22
  • 80
  • 139/445

Kill-09

What could be more fun than breaking stuffs!!!
