Web: https://dev.to/1nf3rn0/vulnhub-vegeta1-walkthrough-3lkn

May 4, 2022, 2:50 p.m. | 1nf3rn0s

DEV Community dev.to




Metadata


IP: 192.168.120.73

Difficulty: Easy





Summary


This machine is exploited by recovering SSH credentials from a Morse code inside an audio file. Privileges escalated by abusing misconfigured file permissions on /etc/passwd.





Enumeration





Nmap


We start off by running an nmap scan:



└─$ sudo nmap -sC -sV -oA initial 192.168.120.73
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-27 17:56 EST
Nmap scan report for 192.168.120.73
Host is up (0.033s latency).
Not shown: 998 closed tcp ports (reset)
PORT STATE SERVICE …

iOS Engineer

@ Starling Bank | Remote - United Kingdom

Sr. Data Analyst

@ SpotOn | Remote

Senior Project Manager

@ IT Labs | Remote - Belgrade, Vojvodina, Serbia

Manager, Strategic Partnerships

@ Knock | Remote

Senior Product Manager, Data

@ Pinwheel | United States, Remote

Director Data Engineering

@ Arm Treasure Data | United States, REMOTE