Pandora
Pandora
Pandora 423
Pandora
RETIRED MACHINE

Pandora

Pandora - Linux Linux
Pandora - Easy Easy

4.4

MACHINE RATING

9390

USER OWNS

8564

SYSTEM OWNS

08/01/2022

RELEASED
Created by TheCyberGeek & dmw0ng

Machine Synopsis

Pandora is an easy rated Linux machine. The port scan reveals a SSH, web-server and SNMP service running on the box. Initial foothold is obtained by enumerating the SNMP service, which reveals cleartext credentials for user `daniel`. Host enumeration reveals Pandora FMS running on an internal port, which can be accessed through port forwarding. Lateral movement to another user called `matt` is achieved by chaining SQL injection & RCE vulnerabilities in the PandoraFMS service. Privilege escalation to user `root` is performed by exploiting a SUID binary for PATH variable injection.

Machine Matrix

Ready to start your
hacking journey?