Bullybox 🔸

Enumeration

Add bullybox.local to /etc/hosts.

We find CVE-2022-3552, but exploiting it requires admin credentials.

Running feroxbuster with -x git turns up an exposed .git repository.
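
From the defender's side, this exposure can be caught before deployment by auditing the web server's document root for version-control metadata. The following is an added example, not part of the original write-up; the function names and the sample directory tree are constructed, and it assumes the document root is served as-is with no deny rule for dot-directories.

```python
import os
import tempfile

# VCS metadata names to flag. .git is the case on this page; .svn and .hg are
# included on the assumption that the same exposure applies to them.
VCS_NAMES = {".git", ".svn", ".hg"}


def find_exposed_vcs(docroot):
    """Return sorted (url_path, kind) pairs for VCS metadata under docroot."""
    findings = []
    for current, dirs, files in os.walk(docroot, followlinks=False):
        rel = os.path.relpath(current, docroot)
        prefix = "/" if rel == "." else "/" + rel.replace(os.sep, "/") + "/"
        for name in sorted(VCS_NAMES & set(dirs)):
            full = os.path.join(current, name)
            # A HEAD file marks a usable git repository rather than an empty dir.
            is_repo = name != ".git" or os.path.isfile(os.path.join(full, "HEAD"))
            findings.append((prefix + name + "/", "repository" if is_repo else "empty-dir"))
            dirs.remove(name)  # do not descend into the metadata itself
        # A .git *file* is a gitdir pointer (submodule or worktree checkout).
        if ".git" in files:
            findings.append((prefix + ".git", "gitdir-pointer"))
    return sorted(findings)


def build_sample_docroot(base):
    """Constructed sample tree: a deployed checkout plus a submodule pointer."""
    os.makedirs(os.path.join(base, ".git", "objects"))
    with open(os.path.join(base, ".git", "HEAD"), "w") as fh:
        fh.write("ref: refs/heads/main\n")
    os.makedirs(os.path.join(base, "vendor", "lib"))
    with open(os.path.join(base, "vendor", "lib", ".git"), "w") as fh:
        fh.write("gitdir: ../../.git/modules/lib\n")
    os.makedirs(os.path.join(base, "static"))
    with open(os.path.join(base, "index.php"), "w") as fh:
        fh.write("<?php\n")
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for url_path, kind in find_exposed_vcs(build_sample_docroot(tmp)):
            print(f"{kind:15} {url_path}")
```

Any finding of kind "repository" means the deployment copied a working tree into the web root; deploy from an export or archive instead, or deny dot-paths in the server configuration.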

Download with git-dumper:

Initial Access

Privilege Escalation

The user has sudo privileges with ALL, so:

Post Exploitation

Get the flag: