Секретный кабинет (Secret Cabinet)

hackerlab

Task: Pentest machine with web login form and SSH access. Solution: SQL injection in hidden username field to bypass auth, SQLMap to dump MD5 hashes, crack password, SSH access, then GTFOBins sudo zip privilege escalation to read root flag.

sql_injection mysql php authentication_bypass sudo_privesc ssh md5_cracking gtfobins sqlmap zip_privesc

MD5 hash cracking via online lookupSQL Injection authentication bypassSQLMap database enumerationGTFOBins sudo zip privilege escalation

$ ls tags/ techniques/

sql_injection mysql php authentication_bypass sudo_privesc ssh md5_cracking gtfobins sqlmap zip_privesc

MD5 hash cracking via online lookupSQL Injection authentication bypassSQLMap database enumerationGTFOBins sudo zip privilege escalation

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ grep --similar

Similar writeups

[infra][Pro]SecretShell— alfactf
[infra][Pro]Будущий релиз (Future Release)— hackerlab
[infra][Pro]Логово хакера (Hacker's Lair)— hackerlab
[web][Pro]Pryzhok— hackerlab
[pentest][Pro]Сисадмин (Sysadmin)— hackerlab