Find open ports (22, 80, 3306, 33060)
Foothold
Log in on port 80 with the default credentials (admin:admin)
Download a diagnostics report to get SuiteCRM version
Admin > Diagnostics Tool > Run the tool > Download the Diagnostic file
Unzip it, then find the version number in config.php
Access
Find and use an authenticated SuiteCRM v7.12.3 exploit
Obtain local.txt
Privilege Escalation
Find that www-data has sudo privileges to execute /usr/sbin/service
Run service with sudo to obtain a root privileged shell
Obtain proof.txt
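
From the defending side, the sudo rule found in the privilege escalation step is something a host audit can catch. The script below is an added example, not part of the original write-up: it scans sudoers-format text for rules that give a service account /usr/sbin/service or ALL. The function name audit_sudoers, the account list and the sample rules are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original write-up): flag sudoers rules that let
# a service account run a binary able to start other programs as root.
# Assumptions: the account and binary lists below; extend them for your hosts.
SERVICE_ACCOUNTS="www-data"
RISKY_BINARIES="/usr/sbin/service"   # the binary named in this walkthrough

# audit_sudoers: reads sudoers-format text on stdin, prints "user:command" for
# each risky rule, returns 1 if anything was flagged and 0 otherwise.
# Limitation: aliases (User_Alias, Cmnd_Alias) and %group rules are not expanded.
audit_sudoers() {
    awk -v users="$SERVICE_ACCOUNTS" -v bins="$RISKY_BINARIES" '
    BEGIN {
        n = split(users, u, " "); for (i = 1; i <= n; i++) watch[u[i]] = 1
        m = split(bins, b, " ");  for (i = 1; i <= m; i++) risky[b[i]] = 1
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }       # comments, includes, blank lines
    !($1 in watch) { next }                 # only audit the listed accounts
    {
        spec = $0
        sub(/^[^=]*=/, "", spec)            # keep what follows "host ="
        gsub(/\([^)]*\)/, "", spec)         # drop runas, e.g. (root)
        gsub(/[A-Z_]+:/, "", spec)          # drop tags, e.g. NOPASSWD:
        k = split(spec, cmds, ",")
        for (i = 1; i <= k; i++) {
            c = cmds[i]
            gsub(/^[ \t]+|[ \t]+$/, "", c)
            split(c, parts, " ")            # first word is the command path
            if (parts[1] == "ALL" || (parts[1] in risky)) {
                print $1 ":" parts[1]
                found = 1
            }
        }
    }
    END { exit (found ? 1 : 0) }'
}

# Constructed sample input, not taken from the target host.
SAMPLE='Defaults env_reset
root ALL=(ALL:ALL) ALL
www-data ALL=(ALL) NOPASSWD: /usr/sbin/service
backup ALL=(root) /usr/bin/rsync'

printf '%s\n' "$SAMPLE" | audit_sudoers || echo "review the rules listed above"
```

On a real host, feed it the contents of /etc/sudoers and the files under /etc/sudoers.d, read with appropriate privileges.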