This article describes a comprehensive two-week network penetration testing challenge involving multiple exploitation techniques to retrieve four flags from target hosts. It covers methods including SMB share access, web application vulnerabilities, SSH pivoting, port knocking, and privilege escalation leveraging CVE-2025-32463. #SilentFootprint #WebRCE #SMBShare #CVECVE-2025-32463
Keypoints
- The penetration test involved enumeration, web and SMB exploitation, and privilege escalation.
- Port knocking was used to reveal hidden services, including Samba on port 445.
- Public SMB shares provided access to files containing flags and credentials.
- Wolf CMS vulnerability enabled remote code execution through file upload.
- The final privilege escalation exploited CVE-2025-32463 via chroot environment manipulation.
Read More: https://infosecwriteups.com/silent-footprint-ctf-by-ine-663f4b7ee3d6?source=rss—-7b722bfd1b8d—4