- Enumeration will state an exploitable IRC server
- UNREAL IRC is a very common exploitable server
- Use metasploit
- Do not overthink for privileged escalation
Run nmap scan to find for open ports.
From the nmap scan and scripts results we notice the machine has a UNREAL IRC server.
Let’s check searchsploit for any exploits.
Start up metasploit and search for the moduel
A session is gained.
Gain a python shell
Found the first flag.
After trying LinPeas and Linux kernel exploits , the machine box description states to not overthing.
Let’s try to use su to root with the same password.
Final flag found.
Leave a Reply