PRIME: 1 | Writeup
This machine is designed for those one who is trying to prepare for OSCP or OSCP-Exam.
This is first level of prime series. Some help at every stage is given. Machine is lengthy as OSCP and Hackthebox’s machines are designed.
So you have a target to get root flag as well as user flag.
Enumeration
We only have port 80, so enumerate hard on this.
After doing gobuster on the port 80, i found a lead,
let’s wfuff it,
we have victor, saket, and the password follow_the_ippsec
we can login to the wordpress, using the cred:
victor:follow_the_ippsec
Exploitation
Privilege Escalation
Used the kernel exploit CVE-2017–16995 to escalate the privilege.