Persecure : my learning archive

doubletrouble: 1

Download the machine:

https://www.vulnhub.com/entry/doubletrouble-1,743/

Overview

Enumeration

Run nmap scan to find for open ports.

Run a gobuster scan to find for hidden directories.

Port 80

Version 9.1

/secret

Download the image and check if there are any hidden files inside the file.

To extract files we can use steghide. However a password is needed. We can use stegcracker to crack the pass.
Found some creds.

Let’s search searchsploit for some exploits.

found a username.

since we have some creds let’s use the RCE Authenticated exploit.

Edit the file with the necessary details.

However while running the exploit , it got stucked. I exited the exploit and head to the upload folder that we found earlier. Our exploit has been uploaded.

Start up a local netcat listener and click on the php file.

Foothold

User access is gained.

Privilege escalation

TBC

Create a website or blog at WordPress.com