System Info Dump Trojan - AKA Youtube Viewer

The author scanned the target IP address using Nmap and found open ports for SSH and HTTP. They discovered a base64 encoded string and decoded it, which led them to a YouTube channel named 'cybersploit'. They also found a username and password for SSH and accessed the system. After finding a flag file, they discovered the OS version and checked for local exploits. They downloaded a C exploit and compiled it to gain root access.

The text provides information about scanning an IP address and discovering open ports including FTP, SSH, and HTTP. It also identifies a WordPress site and conducts a password attack to gain access. A reverse PHP shell is used to modify a page. A local privilege escalation vulnerability is exploited and a kernel exploit is compiled and sent to the target, but it cannot be executed due to library mismatch. Linpeas is transferred and run, revealing the WordPress database credentials. The root password is cracked and the proof.txt file is accessed.

Performed network and service scanning, discovered open ports. Found hidden directories using dirb and dirbuster. Uploaded a reverse shell and gained access as www-data user. Identified sudo privilege escalation via Python and obtained root access. Retrieved user.txt and root.txt.

Performed a scan on IP address 192.168.169.111 and found an open Apache webserver. Ran gobuster to enumerate directories and discovered an admin login. Used default credentials to gain access and found a book editor. Uploaded a reverse shell and successfully executed it. Replaced an image on the server. Accessed a user's home directory named 'tony'

The given target is 192.168.186.23. Recon reveals open ports and services including SSH and HTTP. Dirbuster identifies directories. The main site has an admin login page. Using a hydra command, admin:admin login credentials are found. A search for exploits leads to an arbitrary file upload to RCE vulnerability. A shell is obtained. Privilege escalation is performed by upgrading the shell, running linpeas, and finding the root password. Access is gained as root. Proof.txt contains the proof.

Scanning for targets on subnet using Nmap and HTTP enumeration tools such as gobuster and dirbuster to find open ports and directories. Discovered an open SSH port and an Apache HTTP server. Detected Linux OS. Used dirbuster to search for directories and found a CGI vulnerability called shellshock. Confirmed vulnerability with nikto.