Machine: The Planets: Earth
- file: Earth.ova
- size: 2GB
- type: VirtualBox Archive (.ova)
find step-by-step pentest notes here
- Netdiscover Scan
- Found https://terratest.earth.local
  - /robots.txt
  - /testingnotes.txt
  - /testdata.txt
- Got website login creds (for http://earth.local/admin/login):
  - username: terra
  - password: earthclimatechangebad4humans
- Successfully logged into Admin Command Tool!
- Successfully got a Reverse Shell!!
- Found /var/earth_web/user_flag.txt
  - [user_flag_3353b67d6437f07ba7d34afd7d2fc27d]
- Found a vuln binary: /usr/bin/reset_root
- Root Credentials:
  - username: root
  - password: Earth
- Found /root/root_flag.txt
  - [root_flag_b0da9554d29db2117b02aa8b66ec492e]
- Currently we have full root privileges
- Next things to try:
  - maintaining access
  - clearing tracks