InfoSecPrep Box Proving grounds. As we approach any penetration testing engagement we start with information gathering, information gathering in Cyber Security is a crucial step that should not be …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A walkthrough of the InfoSecPrep box on Offensive Security's Proving Grounds platform. The process covers nmap scanning to discover open ports, using wpscan to enumerate a WordPress 5.4.2 installation, finding a base64-encoded SSH private key in a secrets directory via robots.txt, gaining SSH access as the OSCP user, and escalating privileges using bash/sudo vectors identified by Linpeas.sh and documented on GTFOBins.