Pinky's Palace: v1 ~ VulnHub - Walkthrough
Contents
Objective
xxxxxxxxxxxxxxxxxxxxx
Source: [xxxxxx]
Status: [In Progress]
Methodology
Discovery
Identify the target
root@kali:~# nmap -sP 192.168.56.0/24
.....
root@kali:~# export TANGO=192.168.56.104
root@kali:~# nmap -O -sT -sV -p- -T5 $TANGO
Starting Nmap 7.60 ( https://nmap.org ) at 2018-03-23 19:11 EDT
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Nmap scan report for $TANGO
Host is up (0.00098s latency).
Not shown: 65532 closed ports
PORT STATE SERVICE VERSION
8080/tcp open http nginx 1.10.3
31337/tcp open http-proxy Squid http proxy 3.5.23
64666/tcp open ssh OpenSSH 7.4p1 Debian 10+deb9u2 (protocol 2.0)
MAC Address: 08:00:27:A3:C5:2A (Oracle VirtualBox virtual NIC)
Device type: general purpose
Entry Point #1 - Port NN (XXX)
Enumeration
xxxxx
xxxxx
Exploitation
xxx xxx xxx
xxx
xxx
xxx
xxx
xxx
Final Notes
xxx
Appendix A: Vulnerability Detail and Mitigation
Rating | High |
Description | xxxx |
Impact | xxxxxxxxxxxxxxxxxxxxxxxxxxxx |
Remediation | xxxxxxxxxxxxxxxxx |