filmov
tv
Loly Walkthrough | Offensive Security Proving Grounds | CTF
Показать описание
Steps to be performed after nmap scan.
1. On directory enumeration we find that the server runs wordpress site.
2. On running wpscan we find user loly exist and on bruteforce we find users password.
3. On logging in to wordpress admin panel we find adrotate has a functionality which allows the upload of zip files,, which later unzips the zip file content to /banner folder. This features helps us to bypass the file format checks in place and upload a reverse shell.
4. We get the location of the uploaded file from adrotate settings.
6. On 'uname -a' comment we find that the kernel version is vulnerable and can be exploited to obtain root access.
7. On successful execution of the exploit you get root access.
#Loly #Lolywriteup #walkthroughLoly #Lolybox #indianhacker #htb #vulnhub #oscp #ndia #hindi #hackforfun #hack #ospg #penetrationtesting
1. On directory enumeration we find that the server runs wordpress site.
2. On running wpscan we find user loly exist and on bruteforce we find users password.
3. On logging in to wordpress admin panel we find adrotate has a functionality which allows the upload of zip files,, which later unzips the zip file content to /banner folder. This features helps us to bypass the file format checks in place and upload a reverse shell.
4. We get the location of the uploaded file from adrotate settings.
6. On 'uname -a' comment we find that the kernel version is vulnerable and can be exploited to obtain root access.
7. On successful execution of the exploit you get root access.
#Loly #Lolywriteup #walkthroughLoly #Lolybox #indianhacker #htb #vulnhub #oscp #ndia #hindi #hackforfun #hack #ospg #penetrationtesting
0:15:51
0:33:32
0:02:23
0:57:19
0:05:16
0:43:10
0:07:22
0:07:30
0:24:21
0:10:20
0:17:19
0:11:36
0:29:27
0:08:51
1:15:03
0:39:26
0:13:31
0:23:32
0:12:01
0:15:08
0:03:22
0:15:16
0:17:44
0:11:54