11 April 2021

Pentesting Fun Stuff

following the cyber security path…

billu: b0x




This is the first Boot2Root from Manish Kishan Tanwar and the official description is not telling much, except that it’s using Ubuntu, PHP, MySQL and Apache. This challenge should have medium difficulty with tricks. The goal is to break into the VM using web application and from there escalate privileges to gain root access.

Getting started

Let’s see what is running on this system.

When browsing to the webserver I get a login page which invites me to do some SQL injection.

After several manual and automated tries I get no luck with the SQLi invitation. Next step is some enumeration.

Looks like the SQLi invitation was a distraction. Several interesting pages, including a   phpMyAdmin page.
First I’ll take a look at  add.php. Unfortunately it doens’t really do anything except wasting my time.

Next one on my list is   test.php.

It needs a ‘file’ parameter.

Now for some credentials.

Wow….that was almost to easy.

Sweet.  But I still got some question marks left. What about those odd pages in the DirSearch scan? What about phpMyAdmin?
It feels like I cheated with gaining the root key.


This was a fun challenge with some nice features. The final part was over faster then I had anticipated and I think there are maybe multiple ways to get there. But for now I’m content. Maybe at a later stage I’ll explore other options and update this post.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.