CyberSecLabs - CMS - Linux [Walkthrough]
PinkDraconian
YouTube: https://www.youtube.com/c/PinkDraconian
Twitter: https://twitter.com/PinkDraconian
TikTok: https://www.tiktok.com/@pinkdraconian
LinkedIn: https://www.linkedin.com/in/robbe-van-roey-365666195/
Discord: PinkDraconian#9907
Instagram: https://www.instagram.com/robbevanroey/
Website: http://pinkdraconian.d4rkc0de.com/
HackTheBox: https://www.hackthebox.eu/home/users/profile/129531
Platform: CyberSecLabs
Platform Link: https://www.cyberseclabs.co.uk/
Category: Machine
OS: Linux
Challenge name: CMS
Difficulty: 1/10
00:00 Introduction
00:15 Running nmap
00:33 Checking out the webpage at port 80 and seeing that it's running WordPress
00:55 Running wpscan to see if there are any vulnerable WordPress plugins. We use searchsploit and find an exploit that we decide to run
02:30 We now have local file inclusion on the box and check out the methodology in HackTricks, which shows us how we can use /proc/self/status to get the current user and then include /home/angel/.ssh/id_rsa to get the private key
04:54 Giving the private key proper permissions in order to be able to use it to log in using ssh
05:30 Running sudo -l to see that we can run any command as sudo and using that to get a root shell ...
https://www.youtube.com/watch?v=nnlfJbFKt2Y