Ice

Recon

Lets run some nmap scan to find open ports and services

Specifying port 8000 as mentioned in the instructions in the room

The hostname is Dark-PC as we can see in the nmap scan

Gain Access

The type of vulnerability can be found on CVE Details

We will be using Metasploit to gain access to the machine so lets start Metasploit.

Lets search for the vulnerability and set the right options

Now lets run the exploit

We have a shell on the machine

Escalate

To who we are on the machine and information related to the machine, we can use the sysinfo command

Lets run the module that will give us exploits that we can use to privilege escalate to a higher privilege user on the machine.

Now lets background this session using the command "background" and list the active sessions, then lets select the first exploit we just found and set the session number to the session we just backgrounded using the command "set sessions 1" .Now we have to set the right options and run the exploit. Once the command has been run, we can access the machine using the command "sessions 1".

Now we are in the machine as a higher privilege user, we can check this by using the command "getprivs"

Looting

Lets now follow the steps in the room

Post-Exploitation

With the help command we can answer the questions in the this task

PreviousLinux: Local EnumerationNextLinux Backdoors

Last updated

Was this helpful?