VulnOS2 Vulnhub walkthrough — OSCP prep

ENUMERATION

Netdiscover
Nmap
Nikto scan
update.info on http://10.0.2.9/jabc/
view-source:http://10.0.2.9/jabc/?q=node/7

EXPLOITATION

OpenManDoc PoC

Via SQLmap

Without SQLmap

odm_user from jabcd0cs database.
  • Webmin
  • Guest
Hash for webmin
ssh

Privilege Escalation

  • We check name, version etc of kernel.
Info gathering on kernel.
overlayfs.c
ROOTED

--

--

--

OSCP | CEH | Cyber Security Enthusiast.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

The Remediation Series — Part 3

Automation Solutions Key To Ensuring Security and Protection in Remote Environments

Deploying SSL enabled React/Angular/Vue applications to AWS using Lets Encrypt

How CryptoKitties securely sign and send Ethereum transactions

Privacy vs. creepy Ads

Privacy on the web

ChainSwap Exploit Post-Mortem

The Best Way To Store Cryptocurrency | Keep Your Crypto Safe!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Dhanishtha Awasthi

Dhanishtha Awasthi

OSCP | CEH | Cyber Security Enthusiast.

More from Medium

How to crack ssh password by hydra:

Hack the box: backdoor write-up

Host Own Dark Website (.onion) on Linux

Can I use penicillin on my malware infection?