VulnUni – Vulnhub boot2root machine2 min read

My 2nd boot2root machine for Vulnhub
This one is more realistic without any CTF elements and pretty straight forward.
Nothing fancy, nothing sophisticated. For initial foothold till root you must stick to the ultra basic stuff. Just keep it simple.
Most of the real life vulnerable systems I have faced are just outdated or misconfigured software/services.
I mean you probably won’t find a root password hidden inside an image or a cronjob that runs a world-writable bash script as root.

You can download it from here: https://www.vulnhub.com/entry/vulnuni-1,439/

Goal: Hack your University and get root access to the server.
To successfully complete the challenge you will need to get user and root flags.
Difficulty: Easy / Beginner Level

Need hints? Twitter @emaragkos
DHCP is enabled
Good luck and have fun

Also your feedback is really valuable for me!
Was there something that you didn’t like about it? Maybe something you have liked more if it was different?
Please leave your comments. Also if you have completed the challenge and wish to write a walkthrough I will be happy to add it here 🙂

Writeups (The order is strictly chronological)

 IF YOUR BOX CRASHES DURING PRIVILEGE ESCALATION CLICK HERE TO GET A HINT 
REVEAL SPOILER

Hidden content

 YOU ARE USING THE WRONG EXPLOIT! USE [THIS] AND READ THE EDB NOTE 

 So immediately after you get a root shell with the exploit mentioned above (40616), doing “echo 0 > /proc/sys/vm/dirty_writeback_centisecs” will make the compromised system more stable. 

@infosecnoodle
https://medium.com/@sudonoodle/vulnuni-1-vulnhub-walkthrough-81919fb67a8c

@NahamSec with @STOKfredrik @d0nutptr
https://www.twitch.tv/videos/572111363 (part1)
https://www.twitch.tv/videos/572285068 (part2)

@_sup3rhero1
https://www.youtube.com/watch?v=AzBUDx1BuzI

@David_Uton
https://github.com/m3n0sd0n4ld/writeups/blob/master/Write%20VulnUni%20-%20vulnhub.pdf

Alper Basaran
https://www.youtube.com/watch?v=HUTmE1PoLpI

Hacknos
https://www.hacknos.com/vulnuni-1-0-1-walkthrough-vulnhub/

Haclabs.org
https://www.haclabs.org/post/vulnuni-1-0-1-walkthrough

@neeeraanjan
https://medium.com/@itsnee/vulnuni-v1-0-1-ctf-writeup-4b998780dd6e

@pixelbit131
https://www.youtube.com/watch?v=eEj2NQsW0_U

HaK-Exploit
https://www.youtube.com/watch?v=d–eEyzONbs

HackingArticles @prabhjotdunglay
https://www.hackingarticles.in/vulnuni-1-0-1-vulnhub-walkthrough/

@SecuCyberdef (French)
https://medium.com/@secucyber/vulnuni-ctf-write-up-vulnhub-b5fec8c2a5ed

@c0rrupt3d_brain
https://medium.com/@sagar__jain_/vulnuni-1-0-1-walkthrough-writeup-vulnhub-5a2012e032d2

@tbutler0x90
https://tylerbutler.io/vulnuni-ctf-write-up/
https://tylerbutler.io/wp-content/uploads/2020/06/ButlerTyler-VulnUni_CTF_WriteUp.pdf

ethicalhackingguru
https://ethicalhackingguru.com/the-vulnuni-1-vulnhub-walkthrough-without-metasploit/

Leave a Reply

Your email address will not be published. Required fields are marked *