Traverexec is a now retired Linux HTB machine, it has been a while since I rooted this one but I do recall that I thoroughly enjoyed working it and planned to write it up when it was retired, so my notes are better 🙂
Recon: I prefer to use multiple nmap runs rather than a whole bunch of checks in one run, it’s just personal preference.
Yep, we have an RCE exploit on exploit-db and already on our Kali box 🙂 Remember to always check exploit code, in fact, all code before just running it! I really can’t stress it enough, if you don’t understand what’s happening, research more!
With the foothold achieved we need to get to user, so I had a dig around
First thing’s first, we need the password hash from .htpasswd, then crack it with john and our beloved rockyou.txt
You must be logged in to post a comment.