Beri Contraster

Hackable II writeup Walkthrough - Vulnhub



Name: "Hackable: II"

Date release: 15 Jun 2021

Author: Elias Sousa

Series: Hackable

Difficulty: Easy


Welcome, reader. Today we'll pwn Hackable: II from VulnHub. Let's start with an Nmap scan.



USER

FTP login is allowed, so let's see what's in there.



Heading over to call.html.



It says file not found, so let's try directory fuzzing with gobuster.



Heading over to /files



I uploaded a PHP reverse shell through FTP and received a shell. Let's upload the file first and don't forget to change the IP.


Fire up the Netcat listener and visit the file to gain a shell.


I upgraded my reverse shell. Here is how you can do it. I found an interesting file named .runme.sh under the /home directory. Executing the file gave me a secret key for the Shrek account.


Let's use Crackstation to get the clear text password.


The password is literally onion. I could have guessed it lol. This user can run python3.5 with root privileges.



This command from GTFOBins can be used to get root.
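
A defender's view of the misconfiguration above, as an added example that is not part of the original writeup: a sudo rule that grants a general-purpose interpreter is equivalent to a root shell, and this script flags such rules in sudoers-format text. The `RISKY` list, the `audit_sudoers` name and the sample policy (including the form of the shrek line) are assumptions constructed for illustration.

```python
import re

# General-purpose interpreters and shells: a sudo rule for any of them is
# equivalent to a root shell. Assumed short list for illustration, not exhaustive.
RISKY = re.compile(r"^(python|perl|ruby|php|lua)[\d.]*$|^(node|bash|sh|dash|zsh)$")

# sudoers user specification: who host=(runas) [TAG:] cmd[, cmd ...]
RULE = re.compile(r"^(?P<who>\S+)\s+\S+?\s*=\s*(?:\((?P<runas>[^)]*)\))?\s*(?P<cmds>.+)$")
SKIP = ("Defaults", "Cmnd_Alias", "User_Alias", "Host_Alias", "Runas_Alias")

def audit_sudoers(text):
    """Return (who, runas, command, nopasswd) for each rule granting an interpreter."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments (and #include lines)
        m = None if line.startswith(SKIP) else RULE.match(line)
        if not m:
            continue
        runas = (m.group("runas") or "root").strip()  # sudo defaults to root
        nopasswd = False
        for cmd in (c.strip() for c in m.group("cmds").split(",")):
            # A tag such as NOPASSWD: applies to its command and the ones after it.
            while (tag := re.match(r"([A-Z_]+):\s*", cmd)):
                if tag.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = tag.group(1) == "NOPASSWD"
                cmd = cmd[tag.end():]
            if not cmd or cmd == "ALL":
                continue  # blanket sudo is a separate policy question
            binary = cmd.split()[0].rsplit("/", 1)[-1]
            if RISKY.match(binary):
                findings.append((m.group("who"), runas, cmd, nopasswd))
    return findings

# Constructed sample policy; the shrek line is an assumed form of the rule the
# walkthrough describes, not copied from the VM.
SAMPLE = """\
root    ALL=(ALL:ALL) ALL
shrek   ALL=(root) NOPASSWD: /usr/bin/python3.5
%admin  ALL=(ALL) /usr/bin/systemctl restart nginx, /usr/bin/perl
ops     ALL=(root) NOPASSWD: /sbin/reboot   # fixed command, not an interpreter
"""

if __name__ == "__main__":
    for who, runas, cmd, nopasswd in audit_sudoers(SAMPLE):
        print(f"{who}: may run {cmd} as {runas} (NOPASSWD={nopasswd})")
```

The fix for a flagged rule is to remove it or replace the interpreter with the one fixed command and arguments the account actually needs.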


Thanks for reading. If you have any questions, please don't hesitate to ask.
