PenTesting Challenge

Derick Neriamparambil

4 min readOct 26, 2020

--

The machine was an easy Linux based box.

I found two different ways to get the root.

The second method was very direct and easy.

Let's get started

First Method

First, we need to find the IP address of the machine

From the output, we can understand that 10.0.2.21 is the target

Next on running a simple nmap scan to list the common open ports, we will get the below result

Now we should enumerate more on this box

On running

nmap –sV –sC 10.0.2.21

It showed that FTP anonymous login is possible on this machine

This showed the existence of many files related to WordPress and also a robots.txt file.

I tried writing here, but there was no permission

Here, the wp-config.php file looks juicy, so I downloaded it to the local machine

and on inspecting it I got db creds

Username : wordpress
Password: nvwtlRqkD0E1jBXu

Later, I did enumerate port 80 through a web browser

On accessing robots.txt

Derick Neriamparambil

Written by Derick Neriamparambil

Cyber Security Professional

More from Derick Neriamparambil

Email Harvesting for Social Engineering

Derick Neriamparambil

Email Harvesting for Social Engineering

I got my first hands-on experience in the OSINT tool during the second semester of my master’s. We were asked to extract all the email…

3 min readJun 4, 2020

--

Packet Crafting Using Python Scapy

Derick Neriamparambil

Packet Crafting Using Python Scapy

Recently I was doing a course that focuses on penetration testing and python. As my learning was progressing I got to learn about an…

4 min readJul 5, 2020

--

Hack the box-Cascade: An Active Directory Penetration Test.

Derick Neriamparambil

Hack the box-Cascade: An Active Directory Penetration Test.

Cascade is a Windows machine that just got retired. This had got an active directory which we will try to penetrate in and get the admin…

6 min readJul 25, 2020

--

Node-Hack The Box Write up w/o Metasploit

Derick Neriamparambil

Node-Hack The Box Write up w/o Metasploit

Node is an interesting Linux machine that is listed in TJNull’s OSCP like machines.

6 min readOct 3, 2020

--

See all from Derick Neriamparambil

Recommended from Medium

$1,250 worth of Host Header Injection

Salman Khan

$1,250 worth of Host Header Injection

What is Host Header Injection?

4 min readSep 24

--

8

My Bug Bounty failures

Alvaro Balada

My Bug Bounty failures

I was very frustrated due to my constant failures in Bug Bounty, I had high expectations when I started and I thought that I would have a…

3 min read5 days ago

--

5

Lists

Staff Picks

460 stories315 saves

Stories to Help You Level-Up at Work

19 stories235 saves

Self-Improvement 101

20 stories638 saves

Productivity 101

20 stories593 saves

HackerOne — Triage team — reporting XSS — Gone Wrong

24BkDoor

HackerOne — Triage team — reporting XSS — Gone Wrong

The tales of an N/A hunter

5 min read4 days ago

--

Bug Bounty and Burp Suite for beginners

Nguhuynh

Bug Bounty and Burp Suite for beginners

“This Blog is just for beginners. (have a little trick in the end)”

3 min readJun 7

--

Sudoedit Local Privilege Escalation Vulnerability (CVE-2023–22809)

RoadToOSCP

Sudoedit Local Privilege Escalation Vulnerability (CVE-2023–22809)

On January 18th, 2023, Synacktiv released an advisory regarding a vulnerability in sudo (CVE-2023–22809). This vulnerability allows users…

3 min readAug 27

--

1

Blue (Eternal Blue) - TryHackMe CTF

Mohit Jakhar

Blue (Eternal Blue) - TryHackMe CTF

Walk-through on the CTF challenge “BLUE” or “Eternal Blue” on TryHackMe. You can access this room from…

4 min readSep 17

--

See more recommendations

Help
Status
Writers
Blog
Careers
Privacy
Terms
About
Text to speech
Teams