[VIDEO] Droopy: v0.2 CTF Solution

| Posted in Security Videos |


This video demonstrates how I solved the vulnhub Droopy v0.2 CTF challenge.



  • Use Netdiscover to get the IP address of our target (Reconnaisance)
  • Use Nmap to do a detailed scan of the target (Information Gathering)
  • Use a publicly-available drupal exploit to creat admin account (Gaining Access)
  • Upload a reverse connect script which will open an outbound TCP connection from the webserver to your host (Remote Access)
  • Use a Ubuntu local privilege escalation exploit to gain root privileges (Privilege Escalation)