Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports using nmap – finding ports 22 and 80 open. From the web server, we find a form that uses custom Javascript. Looking at the Javascript code, we find it submits user-supplied XML to another script […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports – finding ports 2222, 5555, 36957, and 59777. After researching port 59777, we learn it’s likely an application vulnerable to arbitrary read, write, and application execution. Exploiting the vulnerability, we find credentials located in a […]
Jump Ahead: Enum – Initial Shell – User – Root – Resources TL;DR; Like all machines, we begin by enumerating open ports – finding ports 22, 53, and 80 open. Enumerating the webserver, we find a path that we further enumerate to find a file. When we try accessing the file, we receive an error […]