![]() Let’s download all the files to our local system to take a closer look. A NOTES.txt file, A zip file by the name of cred.zip, and a php file by the name of rce. Inside the pub directories, we find 3 files. We listed contents and found the pub directory. It was clear from the Nmap Scan that FTP allows Anonymous Login. Let’s start the enumeration stage with the FTP Service. An aggressive Nmap scan reveals that 5 services: FTP (21), SSH (22), HTTP (80), RPC (111), NFS (2049). The IP Address of the machine was found to be 192.168.1.110įollowing the netdiscover scan, we need a Nmap scan to get the information about the service running on the virtual machine. To find the IP Address, we need to co-relate the MAC Address of the machine that can be obtained from the Virtual Machine Configuration Setting. This can be done using the netdiscover command. To attack any machine, we need to find the IP Address of the machine. Installing the malicious package using dpkg.Crafting deb Installation Package using fpm.Exploiting Sudo Permissions on custom script.Overall, it was an intermediate machine to crack.ĭownload Lab from here. We need to get root privilege on the machine and read the root flag to complete the challenge. It is a simple Boot to root kind of challenge. Today we are going to crack this vulnerable machine called Maskcrafter: 1.1.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |