Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open services – finding a ton of ports open. The FTP server allows anonymous authentication, from which we get 2 usernames and 2 files. One of the files tell of Passwords.txt on nathan‘s desktop. The webserver, which […]
Jump Ahead: Enum – Initial Creds – User – Root – Resources TL;DR; To solve this machine, we began by enumerating open services – finding only ports 445 and 4386 open. While enumerating SMB, we found credentials for the TempUser user. Using the credentials, we enumerated SMB once again. This time, we found hashed credentials […]
Jump Ahead: Enum – Initial Access – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating services with nmap – only finding ports 22 and 80 open. We enumerate the webserver, eventually getting forwarded to http://10.10.10.171/ona/ – OpenNetAdmin. This version is vulnerable to Remote Code Execution, so we exploit this […]