We see that port 80 and 21 are open. lets begin by going to the website 10.10.10.5
so naturally you would want to go through every payload choice until we have an exploit that works. (windows/local/ms10_015_kitrap0d) worked
In this box we learned about finding hidden directories, proof of concept with the ftp file upload, configuring a malicious code to execute on the server and privilege escalation.
eJPT | Sec+ | Cyber Security Enthusiast. I plan on obtaining the ecpptv2 and OSCP in 2021. Just documenting my experience of becoming a pentester along the way.