
OSCP Walkthrough: Hacking FunboxRookie in Offensive Security

Offensive Security offers free lab machines under their Proving Grounds library that I find super helpful to prepare for the OSCP. I will be walking you through my experience with an “easy” level machine called FunboxRookie.

 

START THE LAB:

 

  1. Open the lab and take the IP.
  2. Scan the IP using nmap in Kali Linux.
  3. You see the open ports and try to get in through them.
  4. We first connect to the FTP server using anonymous login.
  5. Once we are connected to the FTP server, we use the ls command to see the files on it.
  6. We download all the files to Kali Linux using mget *
  7. I tried to connect to SSH and FTP, but I could not connect.
  8. We downloaded all the files, but they are password protected. Now crack the password using the hash.
  9. We first need the hash, so we run zip2john on all the files, either with code or manually; for the code, you can go to ChatGPT and ask.
  10. Then I did it manually and found the password of tom.zip.
  11. You get a file named id_rsa and connect over SSH.
  12. Then I connected over SSH using the command ssh user@<ip> -i id_rsa
  13. We connected to SSH successfully, then looked for the first flag, using ls -la to see all the files in the current directory.
  14. We see local.txt; this file has the first flag.
  15. We need root access.
  16. We use a tool from GitHub: https://github.com/Almorabea/pkexec-exploit
  17. We tried to install the Python file directly, but it needs sudo permission, so we send the file using a Python server.
  18. The tool is installed in the victim's directory using wget.
  19. Run the Python file and exploit the sudo permission.
  20. You can now access every directory; find the second flag in the root folder and submit the flag to solve the lab.
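
Steps 4 to 11 work because zip archives holding an SSH private key were readable over anonymous FTP. The following script is an added example, not part of the original walkthrough: it audits a directory tree for zip archives that contain SSH private keys, whether or not the archive is password protected. The key file names in KEY_NAMES and the idea of pointing it at the directory an FTP server exports are assumptions.

```python
import sys
import zipfile
from pathlib import Path

# Assumption: file names that commonly hold SSH private keys.
KEY_NAMES = {"id_rsa", "id_dsa", "id_ecdsa", "id_ed25519"}
PEM_MARKER = b"PRIVATE KEY-----"  # tail of PEM and OpenSSH private key headers


def audit_archive(path):
    """Return (member, encrypted, matched_by) for key material in one zip."""
    findings = []
    with zipfile.ZipFile(path) as zf:
        for info in zf.infolist():
            # Bit 0 of the general-purpose flags marks an encrypted member.
            # With standard zip encryption the member names stay readable,
            # so the listing needs no password.
            encrypted = bool(info.flag_bits & 0x1)
            by_name = Path(info.filename).name in KEY_NAMES
            by_content = False
            if not encrypted and not info.is_dir():
                with zf.open(info) as fh:  # plaintext member: check its header
                    by_content = PEM_MARKER in fh.read(256)
            if by_name or by_content:
                findings.append((info.filename, encrypted,
                                 "content" if by_content else "name"))
    return findings


def audit_tree(root):
    """Audit every *.zip below root; unreadable archives are reported too."""
    report = {}
    for path in sorted(Path(root).rglob("*.zip")):
        try:
            hits = audit_archive(path)
        except (zipfile.BadZipFile, NotImplementedError, OSError) as exc:
            hits = [("<unreadable>", False, str(exc))]
        if hits:
            report[str(path)] = hits
    return report


if __name__ == "__main__":
    # Usage: python3 audit_zip_keys.py /path/to/exported/dir  (default: cwd)
    for archive, hits in audit_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        for member, encrypted, matched_by in hits:
            state = "password-protected" if encrypted else "PLAINTEXT"
            print(f"{archive}: {member} [{state}, matched by {matched_by}]")
```

A password on the archive only delays recovery of the key, because the hash can be attacked offline as in steps 8 to 10, so any hit on an anonymously readable share should be treated as an exposed key and the key rotated.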
