DerpNStink: 1 ~ VulnHub - Walkthrough
Revision as of 22:17, 2 May 2018 by Dmina (talk | contribs) (Created page with "Category:Pentesting == Objective == Explore multiple remote vulnerabilities and multiple privilege escalation vectors to gain access to and gain root privileges on the tar...")
Contents
Objective
Explore multiple remote vulnerabilities and multiple privilege escalation vectors to gain access to and gain root privileges on the target host.
Source: [VulnHub.com]
Status: [Work in progress]
Methodology
Discovery
Recommendations
Appendix A: Vulnerability Detail and Mitigation
| Rating | High |
| Description | xxxxxx |
| Impact | xxxxx |
| Remediation | xxxxx |
| Rating | High |
| Description | xxxxxx |
| Impact | xxxxx |
| Remediation | xxxxx |
| Rating | High |
| Description | xxxxxx |
| Impact | xxxxx |
| Remediation | xxxxx |
| Rating | High |
| Description | Unix file permissions for /etc/shadow are incorrect. |
| Impact | Allow any user with a shell to access this file and extract password hashes which can be further passed to a password cracking utility to extract user credentials. |
| Remediation | Set unix file permissions for /etc/shadow to "600" and change ownership to root:root |