Knock knock.. who’s there? Time for a new exploit challenge! This time the challenge is a VM created by zer0w1re on VulnHub. I got a tip from a friend who actually build the vulnerable binary in the VM so I gave it a go 😀 .

Beginning

After mounting the VM and doing an initial nmap scan to locate the VM I fired up a second nmap scan to get an indication what is running on the box. Nmap returned one port: 1337!

After connecting to the service on port 1337 we get three seemingly random numbers. Let’s start knocking! Continue reading →