Vulnversity
https://tryhackme.com/room/vulnversity
Open Ports:
- 21- FTP
- 22- SSH
- 139- NETBIOS-SSN
- 445- MICROSOFT-DS
- 3128- SQUID-HTTP
- 3333- DEC-NOTES
Gaining Access:
Port 80-
- Running dir bruteforce and found:
.phtmlfile allowed to upload- Upload revershell
- Ip/internal/uploads/rev.phtml
this will exec the rev-shell file
- Ip/internal/uploads/rev.phtml
User Flag:
Privelege Escalation:
- tty the shell
Find / -perm -u=s type f 2> /dev/null
- found bin/systemctl
change id to cat root/root.png
Root Flag:
