Funbox : EasyEnum,565/


  • Run directory enumeration tools to find for clues
  • Upload reverse shells to gain access
  • Bruteforce users
  • Check binary exploits


Run nmap scan to find for open ports.

Port 80

Run a gobuster scan to find for hidden directories.




In this mini shell we are able to upload files. Let’s upload a php reverse shell and execute it.


Access gained.

In the home directory there are the following users.

Use hydra to bruteforce the goat user.

Now we have a user access with a better shell.

Checking sudo permissons.

Privilege escalation

root access gained.

Final flag found.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s