Levram 🔹

Enumeration

At port 800 we have a login page for gerapy.

Testing admin:admin works.

Initial Access

searchsploit gives us the exploit for gerapy.

Create a project in the app and execute the script.

Get the flag.

Privilege Escalation

Transfer linpeas.

python has capabilities so:

Post Exploitation

Get the flag.