Matrix:2 walkthrough | vulnhub

for educational purpose only... 00:12 - nmap result 01:32 - opening all the ports in browser 03:39 - finding robots.txt 04:52 - playing with file parameter 05:14 - way to LFI (Local File Inclusion) 06:40 - looking to /etc/passwd via LFI 06:56 - identifying a local user 07:30 - looking for ngnix directories & files 08:43 - location for nginx .htpasswd 09:02 - getting encrypted password in .htpasswd 10:23 - decrypting .htpasswd password 11:56 - loging with .htpasswd credentials 12:13 - reviewing page source 12:36 - download image file 13:21 - extracting .txt file from image 15:39 - logging with n30 credentials in ShellInABox 16:50 - looking at .bash_history 17:01 - way to root 17:51 - root flag.txt captured