CTF Vulnhub Five86-1
Rather than provide a full walk through and give the game away, I’ll just provide an outline. (https://www.vulnhub.com/entry/five86-1,417/)
So, something like:
-
Discover IP with netdiscover or arp-scan
-
nmap scan services
-
Explore http services
-
Look for a known exploit
-
Gain RCE
-
Explore filesystem, services, perms
-
Crack a password with hashcat
-
SSH Login as a user and get a proper shell
-
Explore filesystem, services, perms
-
Consider options. Hint: (A->B, B->A)
-
Gain access to another users shell
-
Explore filesystem, services, perms
-
Gain access to another users shell
-
Explore filesystem, services, perms
-
Root access!
Next up: https://www.vulnhub.com/entry/five86-2,418/