Jump Ahead: Enum – Getting a Rev. Shell – Root – Resources – Shoutout TL;DR; To solve this machine we enumerate open ports – finding ports 80 and 22 open. Enumerating the directories on the webserver, we find /monitoring/. Fuzzing the request HTTP verb for /monitoring/ tells us of /centreon. Going to /centreon, we are […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating ports with nmap – getting 5 open ports. Checking out the webserver on port 80, we are forwarded to /issues.php. From here we are able to login as a guest and obtain usernames and hashed passwords by […]
Jump Ahead: Enum – User – Root TL;DR; To solve this machine, we start by enumerating all ports; we see that only ports 22, 80, 443 are open. Next, we enumerate port 80, seeing there is a file upload page that we are able to use to upload a reverse shell. On the box, we […]