Sorcerer 🔸
Enumeration


The web server shows a 404 not found. Let's try feroxbuster.
Port 7742 shows a login form, but it does not work; the front end always reports an invalid login.


feroxbuster finds a zipfiles path.

We find an id_rsa key in Max's zip.

We also find a Tomcat password.

A wrapper prevents SSH access and allows only scp.

Initial Access
The authorized keys file uses this wrapper, so we can remove the wrapper from it, scp the edited file over the original, and then connect with SSH normally.
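The weakness above is that the restricted account controls the very file that restricts it. As an added example (not part of the original writeup), this audit sketch flags forced-command entries in an authorized keys file that the restricted account could rewrite itself; the wrapper path, key material and function names are constructed placeholders.

```python
import os
import re
import stat
import tempfile

KEY_TYPES = ("ssh-", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")
FORCED = re.compile(r'(?:^|,)command="((?:\\.|[^"\\])*)"', re.I)

def options_field(line):
    """Return the options prefix of an authorized_keys entry ('' if none)."""
    if line.startswith(KEY_TYPES):
        return ""
    in_quote = False
    for i, ch in enumerate(line):
        if ch == '"' and line[i - 1:i] != "\\":  # \" stays inside the value
            in_quote = not in_quote
        elif ch in " \t" and not in_quote:
            return line[:i]  # first unquoted whitespace ends the options
    return line

def audit(path, account_uid):
    """Return (line number, forced command) pairs the account can remove itself."""
    st = os.stat(path)
    # The owner can always rewrite the file; so can others if it is group/world-writable.
    controlled = st.st_uid == account_uid or bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))
    findings = []
    with open(path) as fh:
        for lineno, raw in enumerate(fh, 1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            match = FORCED.search(options_field(line))
            if match and controlled:
                findings.append((lineno, match.group(1)))
    return findings

def demo():
    # Constructed sample: the wrapper path and key material are placeholders.
    sample = ('# constructed example\n'
              'no-pty,command="/usr/local/bin/example-wrapper.sh" ssh-rsa AAAAEXAMPLE max@host\n'
              'ssh-ed25519 AAAAEXAMPLE admin@host\n')
    with tempfile.NamedTemporaryFile("w", delete=False) as fh:
        fh.write(sample)
    try:
        owner = os.stat(fh.name).st_uid
        return audit(fh.name, owner), audit(fh.name, owner + 1)
    finally:
        os.unlink(fh.name)
```

`demo()` returns the findings for the file's owner and for a different uid. A non-empty result means the forced command is only advisory for that account; sshd's `AuthorizedKeysFile` directive can point at a root-owned location instead.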



Privilege Escalation
Get the flag.




Post Exploitation
Get the flag.
