This is a walkthrough of the CTF of the "So Simple 1" available in vulnhub. This VM is designed to practice our enumerating, logical, how to find exploits for a particular vulnerability and how to use gtfobins to gain root access. This VM has 3 flags inside it, two of them are the user flags meaning 2 flags are in the user's home directory and our third and last flag was in the root's home directory. So we have to get into every user to read their flags and then find a way to get root and then read our roots flag. We get the IP address of the VM when we started them. And after doing directory brute force using gobuster we found a WordPress directory and then by using wpscan we find the user name password to login into the WordPress dashboard. But there is no plugins or themes section in order to upload our reverse shell, so we found an exploit for a plugin names social warfare installed in our target WordPress. And by using a proof of concept we successfully get a reverse shell from the root, and switches to each user lastly we get root and read our root flag, and thus completed this challenge.
#SOSimple1 #VulnHub #CTFWalkthrough
Social Warfare exploit link: https://wpscan.com/vulnerability/7b41...
Revshell link: https://www.revshells.com/
GTFOBins link: https://gtfobins.github.io/#s
Hacking skills you learn in this video:
1. How to run Nmap scan on target with arguments
2. How to run directory brute force attack using gobuster with dirbuster wordlist
3. How to run wpscan enumeration users scan
4. How to brute force WordPress user's password using wpscan
5. How to find exploit for social warfare 4.3.0
6. How to use Social Warfare 3.5.2 RCE
7. How to access hidden directories in Linux
8. How to ssh using the ssh key
9. How to get to another user using services
10. How to get root using scripts with suid
So Simple 1 download link: https://www.vulnhub.com/entry/so-simp...
Kali Linux download link: https://www.kali.org/get-kali/
Virtual Box download link: https://www.virtualbox.org/wiki/Download
Free Video Course
___________________
➡ Canva Beginner Course: • Canva Tutorial: Full Course in Hindi/...
➡ Video Scribe Complete Course: • How To Create White Board Animation i...
➡ Kine Master Complete Video Editing Course: • KineMaster: How To Edit Video on Smar...
Follow Awan Explain
_____________________
Facebook (My Profile): https://www.facebook.com/profile.php?...
Instagram (Channel Page): / awanexplain
Instagram (My Profile): / the.naeem
Subscribe: / @awanexplain
Discord Server (Coming Soon)
Twitter (Coming Soon)
Reddit (Coming Soon)
Website (Coming Soon)
Music By: "After The Fall"
Track Name: "Vibe Check"
ATF LinkTree - https://linktr.ee/AftertheFall
DOWNLOAD @ https://www.chilloutmedia.com/atf
License: Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)
Full license here: https://creativecommons.org/licenses/...
The music was released by Chill Out Records @ https://goo.gl/fh3rEJ & https://www.LoFi-HipHop.com
Смотрите видео So SImple 1 VulnHub Walkthrough in Hindi/Urdu [2022] - Boot2Root онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь Awan Explain 01 Сентябрь 2022, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 107 раз и оно понравилось 3 людям.