Category: Hacking Walkthroughs for Vulnhub Virtual Machines

Plan A 1. discover http on 80 with drupal 7 2. Metasploit, search for drupal, find unix/webapp/drupal_drupalgeddon2 3. Set options, exploit and we have Meterpreter shell 5. Find flags in…

1. scanned, found tcp/80 open 2. Found wordpress install 3. Found 3 usernames with wpscan. Was an old ver, could have exploited that. 4. Found hints recommending using cewl to…

1. ProFTP 1.3.5 vulnerable because: The mod_copy module implements SITE CPFR and SITE CPTO commands, which can be used to copy files/directories from one place to another on the server.…

Nutshell for wgel on tryhackme is: 1. Found username in source of http://target = jessie 2. Found id_rsa on http://target/sitemap/.ssh/id_rsa 3. Ssh-ed in with the id_rsa private token 4. Privilege…

Key learning opportunities here: – Exercise LFI – Local File Include by using anonymous FTP login, upload reverse-php-shell.php into ftp, then call it through a web browser or curl to…

1. Scan reveals tcp 22,80 2. gobuster/dirb shows us a wordpress installation 3. wpscan –url http://$targetIP/wordpress –enumerate u shows us two user names. (Redacted here. Figure it out.) 4. curl…

This was my first intermediate box without reading the walkthrough for hints so I’m a little stoked. I just leveraged all I learned on the beginner VMs and got through…

This is a fun box! Nmap to find TCP/22, 80 and 33060 open. Use gobuster to uncover hidden directories and look for http://192.168.120.224/admin (or whatever IP you’re targeting.) You’ll find…