🐧DriftingBlues6

192.168.60.219

Enumeration

Nmap scan

nmap -sV -p- 192.168.60.219 -A

Port 80

Dirbuster scan

Robots.txt

Spammer.zip is password protected. Extracting hashes.

zip2john spammer.zip > spammer.hashes

Bruteforcing with John

Found password for spammer.zip file : myspace4

Contents of creds.txt

mayer:lionheart

Logged in with the found credentials at http://192.168.60.219/textpattern/textpattern

Edited my reverse shell pointing toward my IP. Uploaded. Opened my file from http://192.168.60.219/textpattern/files/

Shell

Linpeas found that this machine is vulnerable to dirty cow https://github.com/firefart/dirtycow

Grabbed exploit and transferred to victim machine. Compiled exploit.

gcc 40616.c -o cowroot -pthread

It did give an error but compiled anyways.

Ran exploit ./cowroot

Root

PreviousAssertion101NextDC-2 - unfinished

Last updated

Was this helpful?