PenTesting Challenge
4 min readOct 26, 2020
The machine was an easy Linux based box.
I found two different ways to get the root.
The second method was very direct and easy.
Let's get started
First Method
First, we need to find the IP address of the machine
From the output, we can understand that 10.0.2.21 is the target
Next on running a simple nmap scan to list the common open ports, we will get the below result
Now we should enumerate more on this box
On running
nmap –sV –sC 10.0.2.21
It showed that FTP anonymous login is possible on this machine
This showed the existence of many files related to WordPress and also a robots.txt file.