Basic Pentesting by Josiah Pierce

Photo by Markus Spiske on Unsplash
IP =*
Difficulty: Easy
Machine OS: Linux
Learning Platform:
Finished on: Kali Linux VM


Syntax: sudo vi /etc/hosts , then press i to enter insert mode.

Syntax: export IP=

Preliminary Enumeration

Open Ports and Service Versions:

- SSH (Secure Shell)(22), Version: OpenSSH 7.2p2
- HTTP (HyperText Transfer Protocol)(80) Version: Apache 2.4.18
- SMB (Server Message Block)(139 & 445), Version: Samba smbd 4.3.11-Ubuntu
- AJP13 (Apache JServ Protocol)(8009)
- HTTP-Proxy(8080), Version: Apache Tomcat 9.0.7

Machine OS: Ubuntu Xenial


dev.txt (about web development ideas)

j.txt (about password policy)

2. SMB Enumeration

Possible Usernames:

1. kay

2. jan

Possible Exploits


Credentials Found via Hydra


Privilege Escalation

Internal Enumeration

Horizontal Privilege Escalation

Explanation: we use to convert kay_id_rsa file to a hash that can be used against john and writes it to a file named kay_id_rsa_hash.

Credentials Found by John


Vertical Privilege Escalation

Note: Enumeration is key!

Credentials Found in Kay’s Home Directory



The next two steps are not necessary for completion of the machine but it completes the 5 Phases of Penetration Testing.

Post Exploitation / Maintaining Access

Clearing Tracks

Status: Finished

Feel free to reach out and if there is something wrong about the above post.

Donation Box

Not required but appreciated :D

Buy Me A Coffee

Self-taught cybersecurity learner :D