Run a nmap scan to find for open ports

Head to the web server and a security tool is found.

Pcap files can be downloaded

Follow the TCP stream on that particular pcap file but no clues available.

In the url type in 0 to get another pcap file.

Follow the tcp stream and user credentials are found in plain text.

Login via ssh and the user.txt is found.

Python can be used to get root access.

Start python and setuid to o and root access is gained.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s