sunset: twilight Walkthrough
| reference | sunset: twilight |
| target ip | 192.168.1.6 |
Scan with nmap:
Enumerate with enum4linux -S 192.168.1.6:
smbclient //192.168.1.6/WRKSHARE -N:
Upload rs.php to /var/www/html/gallery/original/rs.php:
Reverse shell as user www-data:
Writable /etc/passwd:
Add a malicious user foobar with password pass:
1 | openssl passwd -1 -salt foobar pass |
Login via SSH:
/root/root.txt:
/home/miguel/user.txt:
/home/miguel/ftp/22253251-65325.twilight:
/var/mail/www-dataandcrontab -las user www-data:
/etc/shadow-:
But the password is wrong.
/var/mail/miguel:
