CyberSploit Walkthrough

Scanning the host with nmap -A -T4 -p- 192.168.1.2 -vv

Port 80 is open we scan it with dirb http://192.168.1.2 /usr/share/dirb/wordlist/big.txt

Inside the page source code i found the first clue which is a username itsskv:

The robots file contained a base64 code when decrypting it we get the first flag:

Now we have a username “itsskv” and the password “cybersploit{youtube.com/c/cybersploit}” we use them to login with ssh:

The second flag is:

The second flag is about Binary to ASC:

Now to the privilege escalation part, what i did is transfer the file linux-exploit-suggester.sh to the target and run it, and we got a lot of vulnerabilities and i tried this one and it worked:

There is a link to the exploit download it and run:

gcc 37292.c -o exploit

./exploit

And now you got root and straight to the flag:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s