Skip to content

Wombo -- Proving Grounds (write-up)

Difficulty: Easy / Beginner Box: Wombo (Proving Grounds) Author: dsec Date: 2025-02-10

TL;DR

Straightforward enumeration and exploitation. Screenshots tell the story.

Target info

  • Host: Wombo (Proving Grounds)

Enumeration

Nmap results

Web enumeration

Service discovery

Further enumeration

Exploitation

Exploitation step 1

Exploitation step 2

Shell access

Proof

Lessons & takeaways

  • Some boxes are straightforward -- enumerate thoroughly and follow the obvious path
  • Don't overthink easy targets