Quaoar VM – Walkthrough

Hi Friends,

Today we are solving the Quaoar VM from vulnhub.com, This VM is for beginners

192.168.174.135 – Quaoar VM (Target Machine)
192.168.174.128 – Kali Linux (Attacker Machine)

The first thing we have to do is information gathering, i will be using nmap and nikto tools

i run nmap scan on the target host

Found port 80 is open and tried to access in browser

run nikto on target host, nikto -h 192.168.174.135

and found robots.txt and wordpress are accessible, means site running on wordpress

Find the version of wordpress by using “readme.html”

run wpscan – wordpress security scanner and found default user name admin is active

Login with default username “admin” and password as “admin”. i directly logged in as admin

Downloaded PHP Reverse Shell from pentestmonkey and updated IP and Port no

Go to wordpress admin -> Apperance ->Edit themes -> header.php , replace existing code with PHP reverseshell code.

Start Netcat in Kali Linux and connect to port no which we given in reverse shell

We got reverse shell, but we are not root. Now access the “wp-config.php”

we found Password as “rootpassword!”

In kali terminal SSH root using password we got

Now we logged in as root, access Flag.txt

Thank You

Share Button

Leave a Reply

Your email address will not be published. Required fields are marked *

7 + 5 =