Cyber Security | CTF | Vulnhub | BassamCTF | Subdomain Enumeration, Lateral Movement & Privesc

In this VulnHub CTF machine walkthrough, we explore a web app that initially shows only a blank page. But the real challenge begins when we dive into its source code and uncover a hidden domain name, which we add to /etc/hosts. With nothing but a simple message on the domain, we conduct subdomain enumeration using wfuzz and discover a hidden subdomain that allows file downloads. Using Gobuster, we identify two key files—one of which contains SSH credentials. This opens the door to our first foothold on the target. Next, we inspect .bash_history and realize one command which has some to do with one encrypted file. A hidden directory reveals a custom decoder, helping us extract the password of another user—enabling a lateral movement. The challenge continues with command injection, another user escalation, and finally, we leverage a writable /etc/hosts file to set up a reverse shell. We execute a script with sudo that gives us full root privileges! 🔧 Tools & Techniques Used: wfuzz Gobuster SSH Credential Harvesting Lateral Movement Command Injection Writable /etc/hosts Privilege Escalation Reverse Shell via Web Server 💻 Perfect for: CTF lovers, penetration testers, and ethical hackers looking to sharpen their skills in real-world scenarios. 🔔 Don't forget to like, subscribe, and hit the bell icon for more realistic hacking labs & walkthroughs! #ctf #linuxcommandlinetutorial #cybersecurity #computersecurity #computerhacking #informationsecurity #kali #vulnerability #vulnhub #hacker #commandinjection #privilegeescalation