We start scanning the host with nmap:
Nmap –A –T4 –p- 192.168.1.18 –vv
As we can see port 80 is using OpenSSL vertion 0.96b
doing some search on google for Openssl vulnerabilities
i found this to be under the name OpenFuck ..lol
on github you can download the exploit under the name OpenLuck
run the script and you will get a root shell very easy …
Another Way To Gain Root Access
Using msfconsole to scan for the SMB version as port 139 is open
the SMB version is 2.2.1a .. and searching for exploit using Searchsploit the result came with trans2open exploit
Using metasploit searched for trans2open and exploit it using linux/x84/shell_reverse_tcp
and you now root !!
