PORTAL PWNTILLDAWN

IP = 10.150.150.12

DIFFICULTY = EASY

Hi guys lets solve another fun box again

NMAP scan

we have 2 open ports

ENUMERATION AND EXPLOITATION

so, let’s start our enumeration from port 21 which runs FTP by default and which allows anonymous login username: anonymous and password: hit enter(blank password) And yeah we have nothing on the FTP server

so, going back to our nmap scan shows the FTP server is running vSFTPD version 2.3.4 searching for exploit led me to this exploit

so, running the exploits gives us root.

Stabilizing the shell using python3 -c "import pty;pty.spawn('/bin/bash')" then export TERM=xterm

And we are Done

Thanks.