->tonythetiger




User part:



-> Run Nmap Scan





-> You can see many ports are open





-> I ran a version scan using Nmap. Let's check port 8080; it shows JBoss is installed





-> Let's check for the version





-> I found a GitHub repo which is used for JBoss exploitation





-> I ran the code and got a shell; now I am cmnatic





-> While reading a note in the jboss directory I got jboss's password





-> I tried those credentials with SSH and got a shell and the user flag





Root Part:



-> I found I can run /usr/bin/find with sudo privilege





-> I searched for find in GTFOBins and got the command for a shell





-> I tried it and now I am root. I got the flag but it is in encrypted format; let's decrypt it





-> I decoded it with base64 and got a string





-> I checked with hash-identifier and it's an MD5 hash





-> So I wrote the hash to a file





-> Using hashcat I cracked the flag
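
The sudo rule for /usr/bin/find in the root part is the kind of entry a sudoers review should catch before an attacker does. The following is an added example, not part of the original writeup: a small auditor that parses `sudo -l` output and flags rules granting binaries able to run other commands. The binary shortlist, the account name `svc` and the sample listing are assumptions constructed for illustration.

```python
import re

# Assumed shortlist of binaries that GTFOBins documents as able to run
# arbitrary commands when allowed through sudo; extend it for your estate.
SHELL_CAPABLE = {"find", "vim", "vi", "less", "awk", "perl", "python3",
                 "tar", "env", "nmap", "man"}

# Constructed `sudo -l` output for a hypothetical account "svc" (not from the page).
SAMPLE_SUDO_L = """\
Matching Defaults entries for svc on host:
    env_reset, mail_badpass

User svc may run the following commands on host:
    (ALL) NOPASSWD: /usr/bin/find
    (root) /sbin/reboot
    (ALL : ALL) /usr/bin/tar, /bin/ls
"""

# Rule lines look like: "(runas) [TAG: ...] command[, command ...]"
RULE = re.compile(
    r"^\s*\((?P<runas>[^)]*)\)\s*(?P<tags>(?:[A-Z_]+:\s*)*)(?P<cmds>.+)$")


def audit_sudo_listing(text):
    """Return (path, runas_user, nopasswd) for each risky command in the listing."""
    findings = []
    for line in text.splitlines():
        m = RULE.match(line)
        if not m:
            continue  # Defaults entries, headers and blank lines
        runas = m.group("runas").split(":")[0].strip()
        nopasswd = "NOPASSWD" in m.group("tags")
        for cmd in m.group("cmds").split(","):
            argv = cmd.split()
            if not argv:
                continue
            name = argv[0].rsplit("/", 1)[-1]
            # "ALL" grants every command; a shortlisted binary can start
            # other programs with the privileges of the runas user.
            if argv[0] == "ALL" or name in SHELL_CAPABLE:
                findings.append((argv[0], runas, nopasswd))
    return findings


if __name__ == "__main__":
    for path, runas, nopasswd in audit_sudo_listing(SAMPLE_SUDO_L):
        auth = "no password" if nopasswd else "password required"
        print(f"REVIEW: {path} runnable as {runas} ({auth})")
```

Each finding is a rule to replace with a narrower wrapper script or to remove; the parser does not handle sudoers entries containing escaped commas.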