Amatersau is an intentionally-vulnerable target on offsec.com’s proving grounds.
We practice targeting them for points while connected via a point-to-point VPN link using openvpn.
Simply create an account at https://portal.offsec.com/labs/play, download your VPN cert and connect with #openvpn universal.ovpn
For now, using rustscan, we find these ports open:
21/tcp open ftp vsftpd 3.0.3 – Has a vuln but it’s a DoS one. Not really useful. $searchsploit vsftpd to view it.
25022/tcp open ssh OpenSSH 8.6 (protocol 2.0) – Lots of SSH vulns in searchsploit but none for this ver.
33414/tcp open http Werkzeug httpd 2.2.3 (Python 3.9.13) – Nothing found at http://target:33414
40080/tcp open http Apache httpd 2.4.53 ((Fedora)) – curl http://target:40080 Shows some firefox placeholder.
dirsearch -u “http://192.168.180.249:33414/” -i 200,301 -t 20 – Found stuff
to be continued.
Hungry.