Hackmyvm - Gift

After spawning up the target machine, we do an fping to get target IP

since ...62 and *..*.119 are my AP and my machine’s address respectively, Target IP should be 192.168.8.179 Added IP to /etc/hosts with name gift.hmv

ran full nmap scan on target IP and found ssh and http open..

ran dirb and nikto on http for hidden directories but found nothing except index.html

Checked browseer on port 80, http and found this;

Since i could do nothing to port 80, http at the moment… I started shooting at port 22, ssh. made a user wordlist of two users ‘gift’, and ‘root’ then i bruteforced with ncrack using the user wordlist and rockyou as password wordlist. Then i landed a hit.

root:simple

I ‘ssh-ed’ into machine and got root access straight up and found user and root flag.