- Enumernation will lead to student creds
- Upload php shell to gain a shell
- Search config file to find administrator creds
- Edit cron job file with a bash one liner to gain root access
Run nmap scan to find for open ports.
Run a gobuster scan to find for hidden directories.
Crack the hashed password
Login to the academy page with the cred found and upload a reverse shell.
View the config file to find creds for the administrator.
Edit the backup.sh file with a bash online to gain root access.
Leave a Reply