Post

Toppo : 1

Posted Updated
Toppo 1 Machine !!
Toppo 1 Machine !!
By Shivendra Prajapati
1 min read

Description ⤵️

💡 Toppo ➡️

The Machine is not hard to own and do not require advanced exploitation .

Level : Beginner

DHCP : activated

Inside the zip you will find a vmdk file , and I think you will be able to use it with any usual virtualization software ( tested with Virtualbox) .

If you have any question : my twitter is @h4d3sw0rm

Happy Hacking !

Let’s find the IP Address first »

Untitled

1

IP : 10.0.2.15

Port Scan Results ➡️

Untitled

Untitled

1
2
3
4
5

OPEN PORTS >
22     SSH (Needs credentials)
80     HTTP (Enumeration Further !)
111    rpcbind (no luck)
41060  PRC (no luck same)

Web Enumeration ⤵️

Untitled

Untitled

1

12345ted123

Now I guessed the username as ted as a hint from password →

Untitled

while checking SUID I got this →

Untitled

So lets try a simple tty shell with python →

Untitled

Untitled

If you have any questions or suggestions, please leave a comment below. Thank You !

VulnHub
Recon SUIDs python PrivEsc
This post is licensed under CC BY 4.0 by the author.