Cybersecurity Solutions and Support Services

    Vulnhub InfoSec Prep: OSCP Walkthrough

    The description states:  "This box should be easy. This machine was created for the InfoSec Prep Discord Server as a give way for a 30d voucher to the OSCP Lab, Lab materials, and an exam attempt."

    Been a while since I've written I've been focusing heavily on a class but I needed a little distraction, saw the new Vulnhub look and feel, then saw this box.  I thought maybe it would be a little more OSCP-like but I think the point was to make it accessible to a wider variety of player. 

    We kick off with Nmap:

    We see the web port and MySQL on another port.  We fire up Nikto:

    Two things stand out -- /secret.txt and WordPress.  We check out the site:

    Checking out /secret.txt we find:

    Looks like Base64.  We decode:

    And we get a private key.  We save it and give it the proper permissions.

    Now we need a username which we find here:

    We SSH into the box:

    We fire up LinePeas:

    And we see that bash has some interesting permissions set.  We visit gtfobins:

    Executing bash with the -p flag:

    And we're root.  We just need to get the flag:

    © 2020