This lab emphasizes different enumeration methods, particularly web enumeration, to uncover vulnerabilities. Learners will exploit CVE-2022-25018 for initial access. The lab also teaches privilege escalation techniques to gain higher-level access within the system.
Leverage a misconfigured PostgreSQL database server that is listening on all interfaces with default credentials to gain code execution in this lab. Next, exploit misconfigured SUID permissions on the /usr/bin/find binary for privilege escalation. This approach enhances your skills in identifying misconfigurations and escalating privileges effectively.
You are required to leverage enumeration techniques, including web enumeration, to uncover potential vulnerabilities. The lab involves exploiting CVE-2022-26134 and abusing cronjobs to gain unauthorized access. This lab focuses on understanding and exploiting vulnerabilities to enhance security awareness.