Persecure : my learning archive

Sunset : Noontide

https://www.vulnhub.com/entry/sunset-noontide,531/

Review

  • Enumeration will state an exploitable IRC server
  • UNREAL IRC is a very common exploitable server
  • Use metasploit
  • Do not overthink for privileged escalation

Enumeration

Run nmap scan to find for open ports.

From the nmap scan and scripts results we notice the machine has a UNREAL IRC server.

Let’s check searchsploit for any exploits.

Metasploit has a backdoor CE

Start up metasploit and search for the moduel

Foothold

A session is gained.

Gain a python shell

Found the first flag.

After trying LinPeas and Linux kernel exploits , the machine box description states to not overthing.

Let’s try to use su to root with the same password.

Privilege escalation

Accessed gained.

Final flag found.

Create a website or blog at WordPress.com