Vulnhub Kioptrix Level 1 Walkthrough

We start scanning the host with nmap:

Nmap –A –T4 –p- –vv

As we can see port 80 is using OpenSSL vertion 0.96b

doing some search on google for Openssl vulnerabilities

i found this to be under the name OpenFuck

on github you can download the exploit under the name OpenLuck

run the script and you will get a root shell very easy …

Another Way To Gain Root Access

Using msfconsole to scan for the SMB version as port 139 is open

the SMB version is 2.2.1a .. and searching for exploit using Searchsploit the result came with trans2open exploit

Using metasploit  searched for trans2open and exploit it using linux/x84/shell_reverse_tcp

and you now root !!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s