Vegeta: 1 Walkthrough

(Updated: )
reference Vegeta: 1
target ip 192.168.1.11

Scan with nmap:

Enumerate HTTP with gobuster:

Request http://192.168.1.11/bulma:

Download http://192.168.1.11/bulma/hahahaha.wav, and decode with Morse Decoder:

Login into the target as user trunks (lowercase):

Writable /etc/passwd:

1
openssl passwd -1 -salt user pass

Escalate from user trunks to user user (root):

  • http://192.168.1.11/login.php:
  • http://192.168.1.11/find_me/find_me.html:

Base64 decode twice:

QR Decode with ZXing Decoder Online:

  • http://192.168.1.11/admin/admin.php:
  • /var/www/html/b374k.php: