Uses enum4linux for Samba user enumeration and Hydra for brute-forcing SSH credentials. Exploits readable SSH private key with ssh2john to crack its passphrase, then leverages misconfigured sudo permissions for privilege escalation.
Employs Hydra for brute-forcing admin credentials on a web portal, then uses ssh2john to crack an encrypted RSA private key. Achieves privilege escalation by exploiting sudo permissions on the cat command to read restricted files.
Exploits anonymous FTP access to retrieve a password list, then uses Hydra to brute-force SSH credentials. Achieves privilege escalation by leveraging sudo permissions on the tar command to execute arbitrary commands as root.
In this medium-difficulty challenge, exploit a WordPress site through brute-forcing with Hydra, utilizing file disclosure vulnerabilities to obtain password hashes, and leverage a SUID binary for privilege escalation to root access.
Discovers credentials through HTML source code comments and robots.txt file to access a command panel. Exploits unrestricted command execution on the web server and leverages NOPASSWD sudo privileges for full system access.