Persecure : my learning archive

PNPT : Academy

Overview

  • Enumernation will lead to student creds
  • Upload php shell to gain a shell
  • Search config file to find administrator creds
  • Edit cron job file with a bash one liner to gain root access

Enumeration

Run nmap scan to find for open ports.

Run a gobuster scan to find for hidden directories.

Port 80

FTP Enumeration

Crack the hashed password

Foothold

Login to the academy page with the cred found and upload a reverse shell.

View the config file to find creds for the administrator.

Privilege escalation

Edit the backup.sh file with a bash online to gain root access.

Create a website or blog at WordPress.com