Odin: 1 Walkthrough Vulnhub

Hey folks!! Today I have another boot2root challenge to solve, named Odin. Odin 1 is an easy-level virtual machine created by ‘Bjorn’, so without any further ado let’s start hacking.

Here is the link to download this VM: https://www.vulnhub.com/entry/odin_1,619/

1.) Target Discovery

The IP address of our target machine is ‘192.168.1.8’.

Before starting, don’t forget to add the IP address to your /etc/hosts as ‘odin’.

Example: 192.168.1.8 odin

2.) Port Scanning and Version Detection

Only port 80 (HTTP) is open on the VM.

3.) HTTP Enumeration

It’s a WordPress installation on the VM, and with some manual enumeration I got the right user, which is ‘admin’.

Then I used the ‘wpscan’ tool to brute-force the password for the user:

‘# wpscan --usernames admin --passwords pass.txt --url http://odin/ --password-attack wp-login’

And got the credentials ‘admin:qwerty’
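
Seen from the defender's side, the password attack above leaves a recognizable pattern in the web server's access log: repeated POST requests to /wp-login.php answered with 200 (WordPress shows the login form again on failure), then a 302 redirect once a guess succeeds. The following Python is an added example, not part of the original walkthrough; the log lines, client IP addresses and the threshold of 5 are constructed assumptions.

```python
import re
from collections import defaultdict

# Combined/common log format: ip, ident, user, [time], "METHOD path proto", status
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def detect_wp_login_bruteforce(lines, threshold=5):
    """Flag client IPs with >= threshold failed wp-login.php POSTs.

    WordPress answers a failed login with 200 (login form again) and a
    successful one with a 302 redirect, so 200s count as failures and a
    later 302 from the same IP means the guessing probably succeeded.
    """
    failed = defaultdict(int)
    succeeded_after = set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] != "/wp-login.php":
            continue
        ip = m["ip"]
        if m["status"] == "200":
            failed[ip] += 1
        elif m["status"] == "302" and failed[ip] >= threshold:
            succeeded_after.add(ip)
    return {ip: {"failed": n, "succeeded_after": ip in succeeded_after}
            for ip, n in failed.items() if n >= threshold}

def _line(ip, method, path, status):
    # Helper that builds one constructed access-log line.
    return (f'{ip} - - [01/Jan/2021:10:00:00 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 1024 "-" "-"')

# Constructed sample data: 192.168.1.20 guesses six times, then gets in;
# 192.168.1.30 is a normal user who mistypes once.
SAMPLE_LOG = (
    [_line("192.168.1.20", "POST", "/wp-login.php", 200)] * 6
    + [_line("192.168.1.20", "POST", "/wp-login.php", 302)]
    + [_line("192.168.1.30", "GET", "/wp-login.php", 200),
       _line("192.168.1.30", "POST", "/wp-login.php", 200),
       _line("192.168.1.30", "POST", "/wp-login.php", 302)]
)

if __name__ == "__main__":
    for ip, info in detect_wp_login_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

A password like the one recovered here sits near the top of common wordlists, so rate-limiting wp-login.php and enforcing strong admin passwords matter more than the exact alert threshold.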

4.) The Shell

5.) Privilege Escalation

There is a root user password (encrypted) in the file, so I copied that password hash and cracked it with the help of JohnTheRipper.

Cracked the root password which is ‘jasmine’.

Then I switched my user to root and finally got root privileges.

Got the root flag. In the root directory, the final flag was in the ‘bjorn’ file.

ROOTED :) !!

Twitter: @Exploiter_21