CYBERSECURITY

  SECOND Once the host was identified,  scanning tool, was used to discover which services were running on the machine. The scan revealed a webpage which you can see in the picture below.   Now we are going to create a username but we can see  in the column display name ( Administrator' --) in the picture below. As we have created the username we have introduce the credentials: Username pepe Password pepe123 Here we are stay in control panel of user Pepe as you can see below. If we go to settings, we will be able to change the password and as we have discovered there is sql inyection two phases the same password to Pepe is for root Administrator .   Gotha! as you can see below we are Administrator and we have found out the flag which you can see in the picture below. Thank you very much for reading this article I hope you liked and learned something new This article has been done with ethical proposes Good Hack

  DOCKERLABS ┌──(root㉿kali)-[/home/kali/Descargas] └─# bash auto_deploy.sh dockerlabs.tar                              ##        .                                ## ## ##       ==                             ## ## ## ##      ===                         /""""""""""""""""\___/ ===                  ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ /  ===- ~~~                \______ o          __/                             \    \        __/  ...

  MOVE ┌──(root㉿kali)-[/home/kali/Descargas] └─# bash auto_deploy.sh move.tar    Estamos desplegando la máquina vulnerable, espere un momento. Máquina desplegada, su dirección IP es --> 172.17.0.2 Presiona Ctrl+C cuando termines con la máquina para eliminarla Once the host was identified, Nmap, a port scanning tool, was used to discover which services were running on the machine. The scan revealed  port 80 (HTTP), 22 and 3000  were opened. ┌──(root㉿kali)-[/home/kali] └─# nmap -n -Pn -p- --min-rate 5000 172.17.0.2 -sV  -vvv 2>/dev/null Starting Nmap 7.95 ( https://nmap.org ) at 2026-02-28 07:45 CET NSE: Loaded 47 scripts for scanning. Initiating ARP Ping Scan at 07:45 Scanning 172.17.0.2 [1 port] Completed ARP Ping Scan at 07:45, 0.10s elapsed (1 total hosts) Initiating SYN Stealth Scan at 07:45 Scanning 172.17.0.2 [65535 ports] Discovered open port 22/tcp on 172.17.0.2 Discovered open port 80/tcp on 172.17.0.2 Discovered open port 3000/tcp on 172.17....

  APIBASE    ┌──(root㉿kali)-[/home/kali/Descargas] └─# bash auto_deploy.sh apibase.tar                              ##        .                                ## ## ##       ==                             ## ## ## ##      ===                         /""""""""""""""""\___/ ===                  ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ /  ===- ~~~                \______ o          __/                             \    \        __/...

  HIDDEN ┌──(root㉿kali)-[/home/kali] └─# bash auto_deploy.sh hidden.tar Estamos desplegando la máquina vulnerable, espere un momento.                  Máquina desplegada, su dirección IP es --> 172.17.0.2                          Presiona Ctrl+C cuando termines con la máquina para eliminarla Once the host was identified, Nmap, a port scanning tool, was used to discover which services were running on the machine. The scan revealed  port 80 (HTTP)  was open . ┌──(root㉿kali)-[/home/kali] └─# nmap -n -Pn -p- --min-rate 5000 172.17.0.2 -sV -vvv 2>/dev/null  Starting Nmap 7.95 ( https://nmap.org ) at 2025-12-13 11:59 CET NSE: Loaded 47 scripts for scanning. Initiating ARP Ping Scan at 11:59 Scanning 172.17.0.2 [1 port] Completed ARP Ping Scan at 11:59, 0.06s elapsed (1 total hosts) Initiating SYN Stealth Scan at 11:59 Scanning 172.17.0.2 [65535 ports] Discove...