We start scanning the host with nmap:
Nmap –A –T4 –p- 192.168.1.18 –vv

As we can see port 80 is using OpenSSL vertion 0.96b
doing some search on google for Openssl vulnerabilities

i found this to be under the name OpenFuck ..lol
on github you can download the exploit under the name OpenLuck
run the script and you will get a root shell very easy …

Another Way To Gain Root Access
Using msfconsole to scan for the SMB version as port 139 is open

the SMB version is 2.2.1a .. and searching for exploit using Searchsploit the result came with trans2open exploit

Using metasploit searched for trans2open and exploit it using linux/x84/shell_reverse_tcp

and you now root !!