Venus Vulnhub Machine

This project focused on exploiting the Venus machine from VulnHub to gain user and root access. After identifying the IP address and scanning for open ports, we used Hydra for brute-forcing login credentials and retrieved the user flag.

For privilege escalation, we used linPEAS to identify a CVE-2021-4034 vulnerability in polkit, exploiting it to gain root access and retrieve the root flag.

The goal was to showcase skills in brute-forcing, SQL injection, web security auditing (using Burp Suite), and privilege escalation

Screenshots