Portfolio
  • whoami
  • Beginner
    • Bash and Linux Commands
    • Nmap
    • Tools
    • Metaspolit
    • Web Enumeration
    • What the Shell
    • Upload Vulnerabilities
    • Pickle Rick
    • Hashing-Crypt 101
    • John the Ripper
    • Encryption - Crypto 101
    • Windows Fundamentals 1
    • Active Directory
    • Blue Exploit
    • Common Privilege Escalation
    • Linux PrivEsc
    • Vulnversity
  • SOC
    • SIEM
    • Windows Event Logs
    • Skills Assessment
    • Get-WinEvent
    • Introduction to Threat Hunting
      • Threat Intelligence Fundamentals
      • Hunting For Stuxbot With The Elastic Stack
        • Skills Assesement
    • Introduction To Splunk & SPL
      • Splunk Applications
      • Intrusion Detection With Splunk (Real-world Scenario)
      • Detecting Attacker Behavior With Splunk Based On TTPs
  • Capture the Flags
    • CFT INE - Host & Network Penetration Testing: System-Host Based Attacks
    • Web Application Penetration Testing CTF
    • INE - The Metasploit Framework CTF
Powered by GitBook
On this page
  1. Beginner

Vulnversity

PreviousLinux PrivEscNextSOC

Last updated 5 months ago

Reconnaissance

s1: run an nmap scan | nmap -A -sC -p- -oN vulnersity.nmap 10.10.26.152

-A : aggresive scan, -sC : nmap script scan, -p- : scan all ports, -oN : save results

Scan the box; how many ports are open? | 6

What version of the squid proxy is running on the machine? | 3.5.12

How many ports will Nmap scan if the flag -p-400 was used? | 400

What is the most likely operating system this machine is running? | ubuntu

What port is the web server running on? | 3333

Locating directories using Gobuster

To get started, you will need a wordlist for Gobuster (which will be used to quickly go through the wordlist to identify if a public directory is available. If you are using , you can find many wordlists under /usr/share/wordlists. You can also use the wordlist for directories located at /usr/share/wordlists/dirbuster/directory-list-1.0.txt in the AttackBox.

gobuster dir -u http://10.10.26.152:3333 -w '/usr/share/wordlists/dirbuster/directory-list-1.0.txt'

directory listing found

/images (Status: 301) /css (Status: 301) /js (Status: 301) /internal

visit webpage |

What is the directory that has an upload form page?

visit

Kali Linux
http://10.10.26.152:3333/
http://10.10.26.152:3333/
internal