
Wpwn

This is my write-up for Wpwn (see original submission) on Off-Sec Proving Grounds.

This room is a CTF-style room.

I will try to go deep into the technical details of what we do in this room.


1. Enum

  • Start the machine and get the IP

Machine IP

  • Export the IP as a shell variable so it is easier to reuse
export IP=192.168.213.120; clear
# Test to see if the IP is correct
echo "$IP"
  • Start our usual port scans
nmap -sC -sV $IP
rustscan -a $IP

Nmap default scan result
PORT     STATE SERVICE VERSION
6667/tcp open irc UnrealIRCd (Admin email example@example.com)
Rustscan result
PORT     STATE SERVICE    REASON
6667/tcp open irc syn-ack
6697/tcp open ircs-u syn-ack
8067/tcp open infi-async syn-ack

2. Foothold

3. PrivEsc