Vulnhub: Glasgow Smile 2

H0j3n
7 min readAug 6, 2020

The machine is designed to be a DC tribute but also a kind of real-life techniques container. You will find also a bunch of CTF style challenges. You need to have enough information about Linux enumeration, PTES and encryption for privileges escalation.

Enumeration

Let’s do nmap first and see what do we get.

22 tcp   open     ssh
80/tcp open http
83/tcp open http

Port 80 (Http)

When we get into the website we can see its blank like this with the GS2 new logo. The page source also did not give us anything. So let's try to enumerate the directory.

Dirsearch

So we got one text file which is todo.txt

todo.txt

By looking at todo.txt we know that there is an automatic script that could be an extension of sh. Use the most popular wordlist! —…

--

--

H0j3n
H0j3n

Written by H0j3n

CTF Player 🚩 || TRYHACKME || HACKTHEBOX || VULNHUB || STUDENT

Responses (1)