Cyber Security | CTF | Vulnhub | Bluesky | Understand and Modify Python Exploit | Kali Linux

Welcome back, ethical hackers! In this full VulnHub Bluesky 1 walkthrough, we dive deep into a real-world exploitation scenario featuring Apache Tomcat, Struts2 Showcase, and CVE-2017-5638. This video is perfect for beginners and intermediate pentesters looking to sharpen their skills in manual enumeration, Metasploit usage, Python exploit tweaking, and privilege escalation.

🔥 What you'll learn in this video:

How to manually enumerate a web application running Apache Tomcat

Using Nikto, Gobuster, and custom wordlists to uncover hidden directories

Discovering and exploiting Struts2 vulnerability (CVE-2017-5638) with Metasploit and manual Python code

Fixing Python module issues during exploitation

Uploading and running LinPEAS for post-exploitation enumeration

Extracting Firefox credential files and using Firepwd to decrypt saved passwords

Gaining root access through lateral movement and smart enumeration

📌 Tools used:

Metasploit

Nikto

Gobuster

Custom GitHub wordlists

Python exploit script

LinPEAS

Firepwd

📂 Machine Info:

🔐 Struts2 Exploit GitHub Repo:

🔑 Wordlist used for discovery:

👨‍💻 Don’t forget to like, subscribe, and turn on notifications for more CTF walkthroughs, ethical hacking tutorials, and cybersecurity insights.

#VulnHub #EthicalHacking #CTFWalkthrough #Struts2Exploit #CVE20175638 #PrivilegeEscalation #TomcatExploit #Firepwd #LinuxEnumeration #LinPEAS #CyberSecurity #HackingTools #KaliLinux #kali #computersecurity #linuxcommandlinetutorial #programming #coding #computerhacking #informationsecurity #privilegeescalation #hacker #python #pythonhacking #pythonprogramming #pythontutorial #pythonforbeginners #python3 #oscp #oscpprep #linuxcommandline #linuxadministration