Vulnhub Prime: 1 — A Local File Inclusion (LFI) Vulnerability This walkthrough will attempt to solve VulnHub’s Prime 1 CTF VM. The box contains several vulnerabilities, but the exploit chain …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A walkthrough of the VulnHub Prime 1 CTF machine, focusing on exploiting a Local File Inclusion (LFI) vulnerability. The process covers network reconnaissance with Nmap, directory enumeration with Dirb, discovering a WordPress installation, exploiting an LFI in image.php to read /etc/passwd, using found credentials to access WordPress, uploading a PHP reverse shell, and finally escalating privileges to root using a kernel exploit found via Searchsploit.