Posts

SAR1 VULHUB WALKTHROUGH

-
Image
SAR1 (Walkthrough) This Box Is From Vulhub You Can Download It From  Link .This Box is like OSCP box which i beleive is .I pwned this box using LFI leads to RCE. Breaching Process  Finding IP Netdiscover Enumeration Browsing HTTP  service Nmap scan Enumerating directory using nikto and dirb Found robots.txt and other useful directory Enumerating sar2HTML Exploitation using searchsploit for sar2HTML found RCE Injecting php code using (wget) Got reverse shell using NC Privilege Escalation Found crontab execute shell in 5 min. Add the sudoers permission for www-data. Got root permission  Let's Breach   Using netdiscover  i found the box ip address.The ip address was 192.168.248.136 Then i scan the IP using nmap The command is nmap -sSVC -A 192.168.248.136 | tee nmap.txt Here the scan shows only 80 port which was default page of apache There was no thing to see so,i need to dig d...
Post a Comment
Read more

Stapler (Walkthrough)

-
Image
Stapler (Walkthrough) This Box Is From Vulhub You Can Download It From  Link . i pwned this box by doing wordpress enumeration and an old exploit of ubuntu 16.04 which help me to get root permission. Breaching Process  Finding IP Nmap Enumeration Browsing HTTP and HTTPS service Deep nmap scan for all ports found (12380) running in https Enumerating directory using nikto  Found robots.txt and other useful direcotry Exploitation Injecting php code in plugin  Got reverse shell in meterpreter Privilege Escalation Further enumeration found old Ubuntu (16.04) Got root permission (compiling bunch of exoloit) Let's Breach   Using nmap scan i found the box ip address.The ip address was 192.168.1.7 I browse the ip to see there was port 80 open and let the nmap scan   There was not any interesting thing in 80 port.After seeing the and found nothing i go for nmap scan. There was bunch ...
Post a Comment
Read more