DC-1 VulnHub Walkthrough

<p>DC-1 is a VulnHub CTF, also featured on OffSec Proving Grounds. It was fairy simple and revolved around an old version of the Drupal CMS and a binary file with the SUID bit set.</p> <h1><strong>Phase 1: recon</strong></h1> <p>I started by using nmap to see what was running on this server, but ultimately the only service that I needed was the http server on port 80.</p> <p><img alt="" src="https://miro.medium.com/v2/resize:fit:702/1*DEfWOzDyX_jJQvYxPbilCA.png" style="height:218px; width:638px" /></p> <p>The HTTP server was hosting Drupal CMS.</p> <p><a href="https://medium.com/@wlevi/dc-1-vulnhub-walkthrough-fe0c0ff7af75"><strong>Website</strong></a></p>