Lab 9.1: Exploit Gloin

Deliverable 1. Provide the Following Information to include commands and screenshots. Create a tech journal page that covers the following.

  • Target IP Address
    10.0.5.31
  • Open Ports
    22
    443
    3389
  • Discovered Vulnerability

Found that Online Entrance Exam System has an SQL vulnerability.

https://10.0.5.31/entrance_exam/take_exam.php?id=%27+UNION+SELECT+1,username||%27;%27||password,3,4,5,6,7+FROM+admin_list;

The line above will dump the admin hash.

A peer told me to use CrackStation for this step.

  • How you achieved a foothold
    I found the exploit for Online Entrance Exam System by using searchsploit and finding a MySQL exploit, then looking at Exploit-DB and reading what was there.

  • How you achieved root/Administrative level compromise
    I cracked the hash for the admin user and then SSHed into the machine using administrator as the user because it’s a Windows machine.

  • User Flag

  • Root Flag

Overview

I didn’t have much trouble with this lab. I was very thankful for my peer, who told me to use CrackStation instead of trying other tools. It made this process a lot easier. I did find it very fun to not have much information and to have to get a foothold on our own.
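
A defender's view of the request shown under Discovered Vulnerability, as an added example that is not part of the original journal: a scan of web access logs for `take_exam.php` requests whose `id` is not a plain number. The log lines, the client address 192.0.2.10 and the assumption that legitimate `id` values are numeric are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed access-log lines; the second carries the request from this write-up.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /entrance_exam/take_exam.php?id=3 HTTP/1.1" 200 5120',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /entrance_exam/take_exam.php?id='
    '%27+UNION+SELECT+1,username||%27;%27||password,3,4,5,6,7+FROM+admin_list; HTTP/1.1" 200 6033',
    '192.0.2.10 - - [01/Jan/2024:10:00:15 +0000] "GET /entrance_exam/index.php HTTP/1.1" 200 2048',
]

REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# SQL syntax that has no place in an exam id (assumed here to be a plain number).
SQL_TOKENS = {
    "union_select": re.compile(r"\bunion\b.+\bselect\b", re.I | re.S),
    "quote": re.compile(r"['\"]"),
    "concat_operator": re.compile(r"\|\|"),
    "statement_terminator": re.compile(r";"),
}

def query_params(query):
    """Decode a query string, splitting on '&' only so ';' stays inside the value."""
    params = {}
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        params[unquote_plus(name)] = unquote_plus(value)
    return params

def scan(lines, endpoint="/entrance_exam/take_exam.php", param="id"):
    """Return one finding per request whose `param` is not purely numeric."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group("target"))
        if url.path != endpoint:
            continue
        value = query_params(url.query).get(param)
        if value is None or re.fullmatch(r"[0-9]+", value):
            continue
        tokens = sorted(n for n, rx in SQL_TOKENS.items() if rx.search(value))
        findings.append({"line": lineno, "client": line.split()[0],
                         "value": value, "tokens": tokens})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The numeric-only check is what raises the finding; the token list only describes what the decoded value contained, so a triage analyst can tell a typo from an injection attempt.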