Boot2root challenges aim to create a safe environment where you can perform real-world penetration testing on an (intentionally) vulnerable target.
This workshop will provide you with a custom-made VM where the goal is to obtain root level access on it.
This is a great chance for people who want to get into pentesting but don’t know where to start. *
Nmap -sC -sV -v -p- 192.168.1.3
From this i determined that there were three open ports 21, 22, and 80.
Since port 21 showed that anonymous login was allowed, I tried browsing to the page. I found a text file containing possible users.
Nice Now We Have Bunch Of Usernames
I tried to connect with ssh via every single user but every user needs key except anne
Since Now we know There is only one User can login via ssh So now let attack
hydra -l anne -P /usr/share/wordlists/rockyou.txt 192.168.1.3 ssh
Logging in with the username
anne and password
Lets Be Root
User anne have rights to run every command as sudo
sudo -l (this will show what use can do with sudo)
sudo su – root