Share
## https://sploitus.com/exploit?id=8FF533B4-6215-5E70-9B60-6228F28778B8
# ๐งจ Kioptrix Level 1 Penetration Testing Lab (VulnHub)
## ๐
Duration
2026
## ๐ Project Overview
Completed the Kioptrix Level 1 (VulnHub boot2root) challenge in a controlled ethical hacking home lab environment.
This project simulates a real-world penetration testing engagement, focusing on vulnerability discovery, exploitation, and privilege escalation.
---
## ๐ฏ Objective
To practice offensive security techniques and understand how vulnerable services can be exploited to gain unauthorized access.
---
## ๐ ๏ธ Tools & Technologies
- Kali Linux
- Metasploit Framework
- Nmap
- VMware Workstation
---
## ๐ Reconnaissance
- Performed network scanning using Nmap
- Identified open ports: **139 and 445 (Samba service)**
- Discovered vulnerable service: **Samba 2.2.1a**
---
## ๐ฅ Exploitation
- Exploited **trans2open buffer overflow** (CVE-2003-0201)
- Used Metasploit module:
`exploit/linux/samba/trans2open`
- Initial staged Meterpreter payload failed
- Successfully used **non-staged reverse shell payload**
---
## ๐ง Post-Exploitation
- Gained root shell access
- Verified access using:
- `whoami`
- `id`
- Retrieved proof by reading system message
---
## ๐ฏ Skills Demonstrated
- Network Scanning & Enumeration
- Vulnerability Identification
- Exploit Execution & Troubleshooting
- Penetration Testing Workflow
- Post-Exploitation Techniques
---
## ๐ Key Learnings
- Importance of exploit reliability and payload selection
- Risks of outdated and unpatched services
- Real-world penetration testing workflow (Recon โ Exploit โ Access)
---
## โ ๏ธ Ethical Disclaimer
All activities were conducted in an isolated lab environment for educational purposes only. No real-world systems were targeted.
---
## ๐ธ Screenshots
(Add screenshots of Nmap scan, exploitation steps, and root access)