Share
## https://sploitus.com/exploit?id=8FF533B4-6215-5E70-9B60-6228F28778B8
# ๐Ÿงจ Kioptrix Level 1 Penetration Testing Lab (VulnHub)

## ๐Ÿ“… Duration
2026

## ๐Ÿ“Œ Project Overview
Completed the Kioptrix Level 1 (VulnHub boot2root) challenge in a controlled ethical hacking home lab environment.

This project simulates a real-world penetration testing engagement, focusing on vulnerability discovery, exploitation, and privilege escalation.

---

## ๐ŸŽฏ Objective
To practice offensive security techniques and understand how vulnerable services can be exploited to gain unauthorized access.

---

## ๐Ÿ› ๏ธ Tools & Technologies
- Kali Linux  
- Metasploit Framework  
- Nmap  
- VMware Workstation  

---

## ๐Ÿ” Reconnaissance
- Performed network scanning using Nmap  
- Identified open ports: **139 and 445 (Samba service)**  
- Discovered vulnerable service: **Samba 2.2.1a**  

---

## ๐Ÿ’ฅ Exploitation
- Exploited **trans2open buffer overflow** (CVE-2003-0201)  
- Used Metasploit module:
  `exploit/linux/samba/trans2open`  
- Initial staged Meterpreter payload failed  
- Successfully used **non-staged reverse shell payload**  

---

## ๐Ÿง  Post-Exploitation
- Gained root shell access  
- Verified access using:
  - `whoami`  
  - `id`  
- Retrieved proof by reading system message  

---

## ๐ŸŽฏ Skills Demonstrated
- Network Scanning & Enumeration  
- Vulnerability Identification  
- Exploit Execution & Troubleshooting  
- Penetration Testing Workflow  
- Post-Exploitation Techniques  

---

## ๐Ÿ“š Key Learnings
- Importance of exploit reliability and payload selection  
- Risks of outdated and unpatched services  
- Real-world penetration testing workflow (Recon โ†’ Exploit โ†’ Access)  

---

## โš ๏ธ Ethical Disclaimer
All activities were conducted in an isolated lab environment for educational purposes only. No real-world systems were targeted.

---

## ๐Ÿ“ธ Screenshots
(Add screenshots of Nmap scan, exploitation steps, and root access)