You are welcome to post your write-ups for retired Machines here!
To keep a uniformity on the write-ups, use the following style guide:
- Discussion Title: {Machine} write-up by {username}
- Title each phase with an H2 tag (##)
- Title each step of a phase with an H3 tag(###)
- Enclose all commands and code in a code block (~~~)
- Use external links for used exploits
- Tag the post properly, eg. {machine},writeups,etc.
Sample:
##Enumeration
We start by enumerating open ports and then drill down to each service for more information
###Nmap Scan
[root@server1 ~]# nmap 10.10.10.123
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2017-09-11 15:42 EST
Interesting ports on 10.10.10.123:
Not shown: 1674 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
957/tcp open unknown
3306/tcp open mysql
8888/tcp open sun-answerbook
MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: 1 IP address (1 host up) scanned in 0.415 seconds
Seems that we have a web server. Lets dirb it!
###Dirb
[root@server1 ~]#dirb http://10.10.10.123/
-----------------
DIRB v1.9
By The Dark Raver
-----------------
START_TIME: Mon Jul 9 23:13:16 2007
URL_BASE: http://10.10.10.123/
WORDLIST_FILES: wordlists/common.txt
SERVER_BANNER: lighttpd/1.4.15
NOT_EXISTANT_CODE: 404 [NOT FOUND]
(Location: '' - Size: 345)
-----------------
Generating Wordlist...
Generated Words: 839
---- Scanning URL: http://10.10.10.123/ ----
FOUND: http://10.10.10.123/phpmyadmin/ (***) DIRECTORY (*)
##Exploitation
Blah blah blah…