Uses enum4linux for Samba user enumeration and Hydra for brute-forcing SSH credentials. Exploits readable SSH private key with ssh2john to crack its passphrase, then leverages misconfigured sudo permissions for privilege escalation.
Employs Hydra for brute-forcing admin credentials on a web portal, then uses ssh2john to crack an encrypted RSA private key. Achieves privilege escalation by exploiting sudo permissions on the cat command to read restricted files.
Exploits a client-side authentication bypass by manually setting a cookie to access restricted admin area. Cracks an SSH private key using ssh2john and achieves privilege escalation through a vulnerable cron job that relies on a host file which can be manipulated.
Leverages writable FTP directory to upload and execute a PHP reverse shell. Gains user access through password extraction from a pcap file. Achieves root by exploiting a scheduled script with writable dependencies.