So let's start; I think everybody knows about vulnhub(if anybody didn’t know,try to explore is blog:https://medium.com/@gavinloughridge/a-beginners-guide-to-vulnhub-part-1-52b06466635d)
The machine was released on 11 Jul 2018(Here is the link: https://www.vulnhub.com/entry/linsecurity-1,244/)
Difficulty Level: Beginner
Learning: crack hash|Privilege Escalation
This is a boot to root challenge.
So let’s start;
I download it from vulhub;but it was unable to connected to my NAT network(i use VMWARE)
But when i open,it give me terminal, where i type machine credentials and enter the box..(but here the question how i get the machine credentials)
While Download this, i saw here creator of the machine give some credentials,so I use that credentials and successfully enter into machine😎
while enumerating machine, i know that 3 user present inthat box. And our goal was to try to login with every user after that get root shell.
Here I am logging with bob. So it’s time get Privilege Escalation that machine. for that i enter simple command (sudo -l) ,for knowing which file/program have the root user power .but after that when the result comes out ,i was totally shocked because ,it shows lot’s of program /file are vulnerable .😥
Here I just Abuse the bash command and get root power. by typing “sudo /bin/bash”
As earlier i said 3 user present in that box, and our goal was to get root shell from every user…. so i try to enumerate other user credentials , and i got somethings juicy.
Here i get susan user value, it’s time to switch the user😁😎
I try to esclate the Privilege Escalation, but i faild.
But when I type “cat /etc/passwd” , I was totally shocked I was able to read another user password hash.
So it’s time to open john , and crack that hash🤗
After that type ( john — wordlist:rockyou.txt k)
And i get Decreyt password =(insecurity:P@ssw0rd:0:0::/:/bin/sh)
so Its time to switch the user .. i get the root shell.
I hope you enjoy my post…please forget my English mistake,….
Thank you for reading my Post….be happy and always have Tryharder attitude.