Zico2 CTF

This time I decided to play one 'old' CTF VM. I tried Zico2 from VulnHub resources. Below you will find few details from the journey...
We will start here:

Nice webpage for some 'e-commerce shop'. Checking:

 

Between the links available on the page you will quickly spot the link to /view.php page:

...so what if we'll...

Yep. :) So far, so good. Next I scanned web server (using dirb from Kali):

 

One of the links I found was /dbadmin/:

Checking:

 

Looks familiar...

Let's try to use thos poc/info to write small code for our learning purpose. Using 'default credentials' we are here:

Checking our poc (based on info from Exploit-DB):

Verify:

Last part - venome.sh:
 

Now we are here:

Preparing...

Verify again (because ELF from venome.sh was not able to work properly... ;S) :

'Automating' in bash ;)

And finally:

Checking if our shell is there:

Preparing msfconsole with meterpreter:

 

Now we should be ready:

Next:

Let's run our shell:

Still no luck (to reverse shell...). So let's try to read some files:

That's how I found:

Little grep:

...and we are here:

Checking our possibilities to get r00t ;]

Hm... that should be easy... ;)

(For example:

Let's try this one.)

Looks like it's done. ;)

See you next time!

Cheers