Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports – finding ports 22 and 80 open. On the webserver, we find a static webpage. Enumerating the server infrastructure, we find the backend contains a backdoor. Exploiting the backdoor, we get a reverse shell on […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports – finding ports 80, 135, 139, 443, 445, 3306, 5000, 5040, 5985, 5986, 47001, 49664, 49665, 49666, 49667, 49668, 49669, and 49670 open. From port 443, we find a subdomain in the TLS certificate, which […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open services – finding ports 80 and 22 open. From the webserver, we find a vulnerable version of Drupal. Exploiting the vulnerability, we are able to get a shell on the machine as apache. From initial enumeration, […]