DIGITALWORLD.LOCAL: DEVELOPMENT

This machine reminds us of a DEVELOPMENT environment: misconfigurations rule the roost. This is designed for OSCP practice, and the…

This machine reminds us of a DEVELOPMENT environment: misconfigurations rule the roost. This is designed for OSCP practice, and the original version of the machine was used for a CTF. It is now revived, and made slightly more nefarious than the original.

digitalworld.local: DEVELOPMENT
Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to…

Enumeration


Path to root

  1. see the source code of the http server.
  2. go to the html_pages and enumerate the remaining pages.
  3. go to the developmentsecretpage and try to logout, and you see an error.
  4. This error leads to an exploit available. and view the username:pwd_hash
  5. Login by cracking the hash
  6. escalate privilege by nano