Showing posts from April, 2019

DC-2 Walkthrough

I already got root on DC-1 machine  like 1 month ago, it was a nice box but I didn't had enough time to write about it so I thought of doing DC-2 machine by same author and write about it too :D . Though DC-2 is not available on vulnhub yet but you can download it from here . This machine has 5 flags in total and below is my walkthrough on how I found them :) As usual, I started the box by doing a quick nmap scan and it revealed port 80 only. Only port 80 open? This sounded fishy to me so I hit up arrow key, added -p option to previous command for full tcp port scan and now we can see port 7744 is also open. Since this port is used for SSH and no creds were provided, I went for HTTP service on port 80. On directly opening the ip address of the machine, I got redirected to dc-2/ so I quickly added an entry to /etc/hosts file with machine's ip address and its corresponding hostname. On opening dc-2/ on browser, an wordpress site was found. Welcome, what we