Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports – finding ports 21, 22, and 80 open. On the webserver, we are able to exploit an Insecure Direct Object Reference (IDOR) vulnerability to obtain system credentials as the nathan user. Using the credentials, we […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports – finding TCP ports 22, 80, and 9090 open, and UDP port 161 open. From the webserver on port 9090, we find a FQDN that gives us a different website reachable via port 80. While […]
Jump Ahead: Enum – Foothold – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports – finding ports 22 and 80 open. From the webserver, we find information for a possible subdomain. Going to the subdomain, we find a teaching platform, which allows open enrollment in a course. […]