This breach is a long process that will make us go throw a lot of systems and various vulnerabilities to get an overview of what is available to us. Click on each subcategories to be redirected to the full explanations.
First step! In this part we'll cover some advanced VirtualBox settings and with the help of
nmapwe figure out the IP of this machine.
Next, using what we found ealier, we discover that a website is running on the machine. Looks like a good place to start our research. With the help of
dirbwe'll try to find vulnerable ressources to exploit.
Beginning of a serie of 4 users that we'll go through to get root. For this one, we'll need to use
ftpto bypass thesshban and exctract files from the machine in order to work with them.
In this part we'll need to reverse engineer small programs to retrieve bits of a password using both Hopper and
gdb.
Now, something different, this time, we'll need to use not only text but also images to get further by creating a turtle interpreter.
Last step to become root user. In this one we'll a famous vulnerability called ret2libc that allow us to run arbitrary code via overriding the normal instruction list.