BSides Vancouver: 2018 (Workshop) — Walkthrough

Openssl Privilege Escalation(Read Any File)
April 18, 2019
How to Hack an Android phone Beginner to Advance
April 19, 2019
Share This:

BSides Vancouver: 2018 (Workshop) — Walkthrough

Description

Boot2root challenges aim to create a safe environment where you can perform real-world penetration testing on an (intentionally) vulnerable target.

This workshop will provide you with a custom-made VM where the goal is to obtain root level access on it.

This is a great chance for people who want to get into pentesting but don’t know where to start. *

As always we started with an nmap scan.

Nmap -sC -sV -v -p- 192.168.1.3

From this i determined that there were three open ports 21, 22, and 80.

Port 21 (FTP)

Since port 21 showed that anonymous login was allowed, I tried browsing to the page. I found a text file containing possible users.

Nice Now We Have Bunch Of Usernames

Port 22 (SSH)

I tried to connect with ssh via every single user but every user needs key except anne

Bruteforcing SSH

Since Now we know There is only one User can login via ssh So now let attack

hydra -l anne -P /usr/share/wordlists/rockyou.txt 192.168.1.3 ssh

Privilege Escalation

Logging in with the username anne and password princess works:

ssh [email protected]

Lets Be Root

User anne have rights to run every command as sudo

sudo -l (this will show what use can do with sudo)

ROOT

sudo su – root

cd /root

cat flag.txt

Share This:

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: