Bullybox 🔸

Enumeration

Add bullybox.local to /etc/hosts

We find https://github.com/0xk4b1r/CVE-2022-3552, but we need admin credentials to use it.

Running feroxbuster with -x git, we find an exposed .git repository.

Download it with git-dumper.

Initial Access

Privilege Escalation

The user has sudo privs with ALL so

Post Exploitation

Get the flag