Jump Ahead: Enum – Initial Access – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating services with nmap – only finding ports 22 and 80 open. We enumerate the webserver, eventually getting forwarded to http://10.10.10.171/ona/ – OpenNetAdmin. This version is vulnerable to Remote Code Execution, so we exploit this […]
Jump Ahead: Enum – Initial Access – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open services – finding ports 22 & 80 to be open. The webserver is nostromo version 1.9.6, which we learn is vulnerable to remote code execution. Exploiting this, we get access to the machine […]
Jump Ahead: Enum – Getting a Rev. Shell – Root – Resources – Shoutout TL;DR; To solve this machine we enumerate open ports – finding ports 80 and 22 open. Enumerating the directories on the webserver, we find /monitoring/. Fuzzing the request HTTP verb for /monitoring/ tells us of /centreon. Going to /centreon, we are […]