Posts

Showing posts from October, 2020

THE PLANETS: MERCURY Walkthrough - VulnHub

Image
Introduction Getting back to CTF solving after a looong break, is a difficult task. So, I decided to proceed with an EASY challenge, and  VulnHub  was the obvious choice to find the one. In few searches, I found a perfect machine to start with -  'The Planets: Mercury' .   This boot2root machine had 2 flags: USER & ROOT. The USER flag can be obtained by  SQLi  ==>  Creds  ==>  SSH  ==>  FLAG . The ROOT flag is were an interesting PrivEsc lie in. Hope you find this writeup interesting & useful! Information Gathering Port Scan: Nmap To begin with reconnaissance, let's find out open ports with Nmap, with service version enumerations: Port 8080 So this looks like a simple page with no secrete or hint. Let's try accessing some common directories: Visiting ' admin ' directory, we got the error page. This happened as the site is built on  Django  with  Debug  set to  True . Luckily for us, the URL ...