PWN The PwnLab

by Warlock Oct. 7, 2017 via INFOSEC Institute

Here is another interesting boot2root challenge we are going to solve. The vulnerable machine’s name is PwnLab. We hosted the machine in VirtualBox and fired nmap on its IP address and below is the resultIn the above result, we can see, there are four ports are open. We started from port 80 which was running a web application.The application contains a login page, home page, and upload page. We browsed for robots.txt file, but the file does not exist on the application, so we ran dirb tool for finding the internal files in the application: As we can see, one new file it found config.php but the file response size is 0. Let us try to access that file from the browser.