Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open ports – finding only 22 and 8080 open. From the webserver on port 8080, we exploit a Java deserialization vulnerability to get a reverse shell as tomcat. Looking around the machine, we find credentials for the […]
Jump Ahead: Enum – Getting Initial Access – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating open services – finding ports 22, 80, and 3306 open. From a webserver, we discover a testing directory with index listing enabled. From the index, we find a backup copy of a WordPress […]
Jump Ahead: Enum – User – Root – Resources TL;DR; To solve this machine, we begin by enumerating exposed services – finding ports 22 and 80 open. While enumerating the webserver, we find a WordPress site accessible via a virtual host. From a post, we find information on hidden files, which allows us to discover […]