Share
## https://sploitus.com/exploit?id=661F6B2B-EBE5-5620-9436-31FF4CD423E4
# Black_Box-Penetration-Testing
Black-box penetration test against Jangow01 vulnerable VM โ€” achieving full root compromise through command injection, credential exploitation, and kernel privilege escalation.
# Jangow01 - Penetration Testing Report
### CSI_7_PTE - Penetration Testing and Ethical Hacking | LSBU 2025/26

## Overview
A full black-box penetration test conducted against the Jangow01 
vulnerable virtual machine from VulnHub. The assessment resulted 
in complete system compromise achieving root-level access through 
a chain of five exploitable vulnerabilities.

## Target
- Machine: Jangow01 v1.0.1 (VulnHub)
- OS: Ubuntu Linux 16.04
- IP: 192.168.56.118
- Attacker: Kali Linux (nafia28) - 192.168.56.101

## Attack Chain
1. OS Command Injection (busque.php) โ€” CVSS 9.8 Critical
2. Plaintext credentials exposed in config.php
3. Password reuse โ€” FTP access as jangow01
4. PHP web shell uploaded via world-writable directory
5. Reverse shell on port 443 (bypassed egress firewall)
6. Kernel exploit CVE-2017-16995 (45010.c) โ€” root obtained

## Tools Used
- Nmap โ€” port and service scanning
- Gobuster โ€” web directory enumeration
- WPScan โ€” WordPress enumeration
- Netcat โ€” reverse shell listener
- Searchsploit โ€” kernel exploit discovery
- GCC โ€” exploit compilation
- FTP client โ€” file transfer to target

## Vulnerabilities Found
| Vulnerability | CVSS | Severity |
|---|---|---|
| OS Command Injection | 9.8 | Critical |
| Plaintext Credentials | 9.8 | Critical |
| Password Reuse | 8.1 | High |
| World-Writable Directory | 7.2 | High |
| Outdated Kernel CVE-2017-16995 | 7.8 | High |

## Result
Full root access achieved. 
Flag: da39a3ee5e6b4b0d3255bfef95601890afd80709

## Disclaimer
This penetration test was conducted in a controlled lab 
environment against a deliberately vulnerable machine with 
full authorisation. All activities were performed for 
educational purposes only as part of academic coursework.