TOPPO Walkthrough: Vulnhub
TOPPO is a linux based machine which is available on Vulnhub: https://www.vulnhub.com/entry/toppo-1,245/
After the setup of the VM, we can use arp-scan to find the Target IP:
Command: arp-scan -l
Now we got the IP Address, we will run the Nmap Scan to find some open ports.
Command: nmap -A -T5 <Target IP>
Here we can see port 80 and 22 is open, Now we will go to see what is running on port 80 which is http.
A web page is running using bootstrap on port 80, there is nothing inside the source code, so now,
We will be doing directory busting using the tool gobuster.
Command: gobuster dir -u <Target Address> -w /path/to/wordlist
We get an interesting directory named as admin, let’s see what’s inside this directory:
Here is a note, let’s see what’s inside this note:
Here we found a password: 12345ted123
Based on this, we can see a name ted. We can use this name and password to login into this machine using the port 22 which is SSH.
Command: ssh ted@<target IP>
Here we got the access…. Yayyy!!!!
Now we will go for Privilege Escalation..
We will find for 4000 permission files, so that we can use those to escalate the privilege.
Command: find / -perm -4000 2>/dev/null
We found something:
Here we can see python and mawk, we can use both to get root access..
We will use Python for privilege escalation:
Command: python2.7 -c ‘import pty;pty.spawn(“/bin/sh”, “sh”, “-p”)’
Yayyy!!! We finally got the Root access…..
