TryHackMe - 0Day
Box Overview 0Day is a medium-rated TryHackMe box with the description: “Exploit Ubuntu, like a Turtle in a Hurricane” This writeup covers exploiting the Shellshock vulnerability (CVE-2014-6271) for initial access and leveraging an overlayfs kernel exploit for privilege escalation. Enumeration Nmap Scan Initial port scan reveals two open services: nmap -sC -sV -oA nmap/initial [TARGET_IP] Results: Port 22: SSH (OpenSSH) Port 80: HTTP (Apache httpd 2.4.7 Ubuntu) Web Enumeration The website displays a single static page with no immediately useful information.
Read more ?