2024-09-17
Trust - SSH Brute-Force and Vim Sudo Privilege Escalation
Technical writeup detailing the compromise of the 'Trust' challenge. Methodology includes Nmap scanning and web fuzzing via Gobuster to identify hidden resources, a targeted Hydra brute-force attack to obtain SSH credentials, and final privilege escalation by exploiting the NOPASSWD sudo permission on the Vim binary.