======================

Hey guys , today I will walkthrough step by step in Browny Machine. this Machine is so good for beginner in pentration testing you will gonna learn a lot in this experenice. It is an easy linux machine , We will exploit Xplico Remote Code Execution in a vulnerable version Xplico that listen on port 9876 by default. There is a hidden end-point at inside of the Xplico that allow anyone to create a new user that can execute a terminal command under the context of the root user. its ip is 10.1.1.17 I gonna added it to /etc/hosts as Browny.lab Let’s get Start !

======================

We will use nmap tool for collecting informations about our target such as what services are running , whats its versions and does those services has potential vulnerabilities.

sV: for version detection sC: for lunch default scripts againts services sT: for system is used to open a connection to every interesting port on the machine

nmap.PNG

it just a dummy html page. and nothing more.

always while you doing http enumeration try to brute force subdirectries for finding any intersesting web pages could give you a greate information about your target

lets lunch the Metasploit framework and doing research on xplico http exploit By doing search we will find exploit with rank excellent

meta1.PNG

meta2.PNG

and now we have a shell.let do id command line to know make sure about privilege as root we play an easy machine so don’t need to privilege escalation or any complicated stuffs. all we need to do is explore the system files after we sure that we are root. and open the root.txt and user.txt to get the flags

==============================

that’s all about this machine.