Lets run nmap scans to find the answers to the questions
Lets run gobuster to find the answers to the questions
Selecting a module
Final Walkthrough
Lets select the module and set the options
Lets run the exploit
Lets crack the first hash
Lets crack the second hash
John The Ripper
Lets crack the first hash
Lets crack the second hash
Lets run some nmap scans to find open ports and services
Lets visit the website
Its a default Apache page, lets run a gobuster scan to find open directories
Lets visit this directory
There is nothing
Lets look for files within this directory.
We find a file called secret.txt . Lets see it.
We have a username and a hash, lets crack it using john the ripper.
Lets login through ssh and read the user flag
Privilege Escalation
Lets run sudo -l to see what we can run as other users.
Ok so we can run "su" as root, lets do it.
We are now root, we can read the root flag
