Muhammed AYGÜN

Bashed machine is a vulnerable machine with Linux operating system among retired machines. Using these vulnerabilities, we are expected to obtain user and root flags.We perform a network scan to recognize the target machine, Classic Scan Full port scan As a result of the port scan, we saw that only http port 80/tcp is open …

Mirai machine is among the retired machines with linux operating system. After detecting and exploiting the vulnerabilities in this machine, we are expected to obtain user and root flags.Let’s get to know the target machine.Classic Scan Full port Scan As a result of port scanning, we saw that “22/tcp ssh”, “53/tcp domain dnsmasq 2.76”, “80/tcp …

Curling machine is a vulnerable machine with a retired Linux operating system. User and root flag values are requested using the vulnerabilities detected as a result of enumuration.First, we perform classic scan, TCP and UDP full port scan to recognize the machine. According to the scan result, we see that ports 80 and 22 are …

Nibbles machine is a vulnerable machine with Linux operating system among retired machines. We are expected to find these vulnerabilities and obtain the user and root flags.First, we check the services and ports running on the target machine; Classic Scan Full Scan As a result of the nmap scan, we see that ports 22 and …

The Postman machine is a machine with a Retired Linux operating system.The services running on the target machine are checked Classic Scan Full TCP Scan Full UDP Scan In Full Port scanning, we see that the Redis service is running and 10000 ports are running, then we detail it. (Redis: -Remote Dictionary Service- It is …

The Irked machine is a machine with Linux operating system among the retired machines.We’re doing a target scan. classic scan TCP Port Full scan UDP Full Scan Here are the ports that are open in order22/tcp open ssh80/tcp open http111/tcp open rpcbind6697/tcp open ircs-u8067/tcp open infi-async34900/tcp open unknown65534/tcp open unknownAmong these ports, what draws our …

The Writeup machine is a retired Linux operating system machine. By hacking this machine, we are asked for user and root flags.
General Machine Information:
It contains a CMS and a sql injection vulnerability that is used to obtain a user credential. Then user is found to be in the non-default group that provides a write access. By providing hijacking, privilege escalation is passed to root.
Machine solving
First we scan for open port information and versions to recognize the target machine

The Networked machine is a retired Linux operating system machine. First, we try to recognize the target machine by performing network scanning. Classic scan Full TCP port scanning Full UDP Port scanning As a result of scaning We see that SSH and http ports are open. When the apache service runs from the http port, …