Showing posts from 2022

Buffer Overflow Fun with Brainpan 1

Brainpan 1 is a vulnerable VM by @superkojiman and was posted to Vulnhub back in 2013. I picked it at random while browsing through some of the older entries, looking for my next target. There is minimal information provided in advance, so it's a really black-box challenge. Great! Let's see what we can do with this ... Nmap revealed an interesting result - just two unusual ports open and something weird going on with one of them: Checking them both out with a web browser, I got the following back: 9999 looked interesting, so I fired up netcat and spent a bit of time interacting with the service: OK, so it was clear that this was an important service, but without a password I wasn't going to get very far. I switched attention to the Python SimpleHTTP server on port 10000 and, after a quick look at view-source, decided that brute forcing some further files and/or directories was going to be required. I quickly discovered a /bin/ directory and wit