Overview
- Enumeration will lead to apache mod_ssl and samba 2.2 exploits
- Both exploits will gain root shell immediately
Enumeration
Run nmap scan to find for open ports.
Port 80 & 443
Run a vulnerability scan with Nikto
Start directory enumeration with dirbuster.
SMB Enumeration
Search for exploits
Samba exploit
https://www.rapid7.com/db/modules/exploit/linux/samba/trans2open/
Exploitation
By metasploit
Exploitation failed. Use a different payload.
Root shell is gained.
Exploitation by manual method