Nmap reveals ssh on port 22 and a website on port 80. I found a nice exploit on GitHub that will provide a reverse shell. Let’s start a listener. Time for escalation. Enumeration didn’t take long 😉 This should be fairly easy! Done!!! Rooted!
Nmap reveals FTP, SSH and HTTP. I couldn’t log successfully on FTP so went to the website. The pcap had nothing really interesting. Going back to the website and looking at the URL http://10.10.10.245/data/1 I wondered what was at /data/0. It seems like an older report. I downloaded it. After […]
Nmap reveals telnet port which seems to be a remote management endpoint for JetDirect printer. Let’s try it! I’m gonna need to find the password for this… After a while I found this blog post showing how to exploit by “Getting a JetDirect password remotely using the SNMP vulnerability“. I’ll […]
Nmap reveals a lot of ports on this machine. My attention is brought to the SMB server. There is not possible NTLM relay since signing is required but I’ll give it a look if there is anything interesting. Unfortunately no guest login available. Let’s check the website running on port […]
I made a video of this room. Unfortunately my mic was muted. So here is the writeup version… I couldn’t find anything interesting with dirseach. I decided to beautify the source code of the website and found something interesting A little bit research led me to this exploit. To access […]