Guided Pentest Infrastructure
Penetration Testing Foundations 2/5
Task 1 - Introduction
No Answer Needed
Task 2 - Enumeration
Run nmap -sV -sC -oN scan.txt 10.64.188.5
What port other than 22 is open on the target host? 6667
Task 3 - Vulnerability Analysis
Run searchsploit Unreal to answer the question.
Use searchsploit to find an exploit for your target UnrealIRC version. What is the path value for the Remote Downloader/Execute script? linux/remote/13853.pl
Task 4 - Initial Access
Launch Metasploit msfconsole
Look for unreal module search unrealircd then select with use 0
Configure RHOSTS, payload, LHOST, LPORT, then run exploit
Cat the flag from /home/webmaster/flag.txt
What is the user-level flag? THM{Pwned-Y0ur-First-Machine}
Task 5 - Post Exploitation
Search through files to try and find exposed credentials. find / -name password* 2>/dev/null
This reveals /etc/password.txt. Use that to connect to the machine via SSH.
What is the root flag? THM{Escalat1on-D0ne}
Task 6 - Reporting
Which report section is aimed at engineering managers? Technical Summary
Task 7 - Conclusion
No Answer Needed