DIGITALWORLD.LOCAL: JOY
Does penetration testing spark joy? If it does, this machine is for you.
Does penetration testing spark joy? If it does, this machine is for you.
This machine is full of services, full of fun, but how many ways are there to align the stars? Perhaps, just like the child in all of us, we may find joy in a playground such as this.
This is somewhat OSCP-like for learning value, but is nowhere as easy to complete with an OSCP exam timeframe. But if you found this box because of preparation for the OSCP, you might as well try harder. :-)
Enumeration
Let’s enumerate 1 by 1
- Always keep http enumeration at the end since it has larger attack surface.
There is no data on port 25, 80, 110, 139, 143, 445, 465, 587, 993, 995
More Enumeration…
- We can use CPFR/CPTO command in FTP and get reverse shell. but we require certain parameters for it.
Exploitation
lateral privilege movement,
Privilege Escalation