This VulnHub writeup is based on Neuromancer - part two of the excellent ‘Wintermute 1’ challenge, created by creosote I’ll spare you all the detail, but as a quick recap, after having rooted Straylight we find that it is dual-homed - i.e. it is part of a second sub-net. We pick up the action from the ‘note.txt’ file found after having gained root privs on that box. TLDR/Spoiler Alert: The privesc route for this machine is not the obvious one chosen by other people who have taken the time to put together so many great writeups.
This VulnHub writeup is based on Straylight - part one of the excellent Wintermute 1 series found on Vulnhub, created by creosote. The Wintermute 1 series is designed to be similar to some of the challenges presented by the ‘OSCP’ (Offensive Security Certified Professional) labs. Skills such as pivoting are really put to the test in the series, and it certainly ticked the box for me in terms of learning new stuff.
I’ve recently been approached to help introduce some new folk to the wonderful world of ethical hacking. The assumption is that they may know about the basic theory behind the stages of rooting a target, but have little by way of hands-on experience. Ideally I want to do something that can be completed in a group scenario where everyone can play along and achieve root in a couple of hours tops.