Vulnhub InfoSec Prep: OSCP Walkthrough

    The description states:  "This box should be easy. This machine was created for the InfoSec Prep Discord Server as a give way for a 30d voucher to the OSCP Lab, Lab materials, and an exam attempt."

    It's been a while since I've written. I've been focusing heavily on a class, but I needed a little distraction; I saw the new Vulnhub look and feel, then saw this box.  I thought maybe it would be a little more OSCP-like, but I think the point was to make it accessible to a wider variety of players.

    We kick off with Nmap:



    We see the web port and MySQL on another port.  We fire up Nikto:


    Two things stand out -- /secret.txt and WordPress.  We check out the site:


    Checking out /secret.txt we find:


    Looks like Base64.  We decode:


    And we get a private key.  We save it and give it the proper permissions.
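
    From the defender's side, the /secret.txt finding above is a private key sitting in a served file behind one layer of Base64. The following is an added example, not part of the original walkthrough: a scan of a web root for PEM private keys, plain or Base64-wrapped. The names find_key, scan_webroot, demo and the FAKE_PEM sample are assumptions made for illustration.

```python
import base64
import re
import tempfile
from pathlib import Path

# Any PEM private-key header: RSA, EC, OPENSSH, PKCS#8, encrypted, ...
PEM_HEADER = re.compile(rb"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----")
# A run of Base64 characters (line wraps allowed) plus optional padding.
B64_RUN = re.compile(rb"[A-Za-z0-9+/\r\n]{40,}={0,2}")
MAX_LAYERS = 3  # assumption: stop after three nested encodings
# Constructed sample: PEM framing around filler bytes, not real key material.
FAKE_PEM = (b"-----BEGIN OPENSSH PRIVATE KEY-----\n" + b"QUJD" * 40 +
            b"\n-----END OPENSSH PRIVATE KEY-----\n")


def find_key(data, depth=0):
    """Return how many Base64 layers wrap a PEM private key, or None."""
    if PEM_HEADER.search(data):
        return depth
    if depth >= MAX_LAYERS:
        return None
    for run in B64_RUN.finditer(data):
        blob = re.sub(rb"[\r\n]", b"", run.group())
        try:
            decoded = base64.b64decode(blob, validate=True)
        except ValueError:  # binascii.Error: bad length or padding
            continue
        layers = find_key(decoded, depth + 1)
        if layers is not None:
            return layers
    return None


def scan_webroot(root, max_bytes=1_000_000):
    """Map each file under root that exposes a key to its layer count."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.stat().st_size <= max_bytes:
            layers = find_key(path.read_bytes())
            if layers is not None:
                findings[str(path.relative_to(root))] = layers
    return findings


def demo():
    # Scan a constructed temporary web root that mirrors the /secret.txt case.
    with tempfile.TemporaryDirectory() as root:
        Path(root, "secret.txt").write_bytes(base64.encodebytes(FAKE_PEM))
        Path(root, "index.html").write_bytes(b"<h1>Hello</h1>")
        return scan_webroot(root)
```

    Point scan_webroot at the directory the web server actually serves; a layer count of 0 means the key is exposed in the clear.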


    Now we need a username which we find here:


    We SSH into the box:


    We fire up LinPEAS:


    And we see that bash has some interesting permissions set.  We visit GTFOBins:


    Executing bash with the -p flag:


    And we're root.  We just need to get the flag:


    © 2020 sevenlayers.com