OSCP-like Intermediate real life based machine designed to teach the importance of understanding a vulnerability. SHOULD work for both VMware and Virtualbox.
Enumeration
We have these open ports:
- 21
- 22
- 80
- 139/445
Let’s enumerate SMB on 139/445:
Users: aeolus, cronus
Let’s look at the anonymous share:
We have the user aeolus.
Let’s enumerate port 80:
Neither gobuster nor nikto turned up anything.
Exploitation
Let’s try an SSH brute force against the aeolus account:
- It gives the password: sergioteamo
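On the defender's side, a password guessed this way leaves a recognizable trace in the sshd auth log: a run of failed passwords followed by an accepted one for the same user from the same source. The following is an added example, not part of the original write-up, that flags that pattern; the log lines, addresses and threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH's syslog format (not taken from the target machine).
# 192.0.2.10 and 198.51.100.7 are documentation addresses.
SAMPLE_LOG = "\n".join(
    [f"Jan 10 10:00:0{i} host sshd[100{i}]: Failed password for aeolus "
     f"from 192.0.2.10 port 4000{i} ssh2" for i in range(6)]
    + ["Jan 10 10:00:07 host sshd[1007]: Accepted password for aeolus "
       "from 192.0.2.10 port 40007 ssh2",
       # A user who mistyped once and then logged in: should not be flagged.
       "Jan 10 10:05:00 host sshd[1010]: Failed password for cronus "
       "from 198.51.100.7 port 50000 ssh2",
       "Jan 10 10:05:09 host sshd[1011]: Accepted password for cronus "
       "from 198.51.100.7 port 50001 ssh2"]
)

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port")
ACCEPTED = re.compile(r"Accepted password for (\S+) from (\S+) port")


def find_bruteforce_successes(log_text, threshold=5):
    """Return (user, source_ip, failures) for every password login that was
    preceded by at least `threshold` failures for the same user and source."""
    failures = defaultdict(int)   # (user, ip) -> failures since last success
    hits = []
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            failures[(m.group(1), m.group(2))] += 1
            continue
        m = ACCEPTED.search(line)
        if m:
            key = (m.group(1), m.group(2))
            if failures[key] >= threshold:
                hits.append((key[0], key[1], failures[key]))
            failures[key] = 0     # a success resets the streak
    return hits


if __name__ == "__main__":
    for user, ip, count in find_bruteforce_successes(SAMPLE_LOG):
        print(f"ALERT: {user} logged in from {ip} after {count} failed passwords")
```

An alert like this means the account's password should be treated as known to the source, including anywhere else it is reused.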
Privilege Escalation
We found a service running on port 8080. The cronus account is running it, so this account might have some information.
- Port forward the port to a local port on your machine.
It needs creds:
Let’s reuse the creds we already have:
aeolus:sergioteamo
Let’s search for exploits and run one in Metasploit.