Writeup-Vulnhub-Kioptrix #5
The exploitation of a vulnerable FreeBSD OS machine, rooting it by escalating privileges
This writeup goes through exploiting outdated services/applications to get a root shell on the machine. The Target machine being used in Kioptrix 2014 available on Vulnhub.
Objective:
- Find Hidden Directories
- Exploit outdated versions of web application services
- Intercept traffic via burp suit and replay to get restricted access to URL paths
Getting Started
To get started download the ova file available on Vulnhub. Open the file on your VMware or Virtual Box. Fire up you Kali-Linux or Parrot distribution for attacking the target machine
Recon & Scanning Phase
Use netdiscover to know the IP of our target machine. Since we don’t know the IP we will scan the whole range of the network using the following command
netdiscover -r 192.168.0.0/16
So we have our target IP now as seen below
Now that we have our target machine’s IP address lets do a Nmap scan to find out what services are running on the target machine
From the scan above following two ports are open
- Port 80
- Port 8080
Enumeration
Both Ports are running Apache httpd 2.2.21 server. Let’s dig a little deep and navigate to the target machine IP addresses using these ports in the URL