InfoSec LAB

vagrant

The presence of the vagrant account suggest that the target system was provisioned using the vagrant software. By default the vagrant software uses the following credential; vagrant:vagrant

www-data@ubuntu-xenial:/var/www$ su vagrant
Password: vagrant
 
vagrant@ubuntu-xenial:/var/www$ whoami
vagrant
vagrant@ubuntu-xenial:/var/www$ hostname
ubuntu-xenial
vagrant@ubuntu-xenial:/var/www$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
3: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:9e:46:dc brd ff:ff:ff:ff:ff:ff
    inet 192.168.239.217/24 brd 192.168.239.255 scope global ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fe9e:46dc/64 scope link 
       valid_lft forever preferred_lft forever

Lateral Movement made to the vagrant account with the default password

InfoSec LAB

Explorer

Blogger_Lateral_Movement_vagrant

vagrant

Interactive Graph View

Backlinks