PenTesting Challenge

Derick Neriamparambil
4 min readOct 26, 2020

The machine was an easy Linux based box.

I found two different ways to get the root.

The second method was very direct and easy.

Let's get started

First Method

First, we need to find the IP address of the machine

From the output, we can understand that 10.0.2.21 is the target

Next on running a simple nmap scan to list the common open ports, we will get the below result

Now we should enumerate more on this box

On running

nmap –sV –sC 10.0.2.21

It showed that FTP anonymous login is possible on this machine

This showed the existence of many files related to WordPress and also a robots.txt file.

I tried writing here, but there was no permission

Here, the wp-config.php file looks juicy, so I downloaded it to the local machine

and on inspecting it I got db creds

Username : wordpress

Password: nvwtlRqkD0E1jBXu

Later, I did enumerate port 80 through a web browser

On accessing robots.txt

--

--