This is a fun box where we have to exploit an authenticated file upload vulnerability to get a shell on the machine. The credentials for authenticating to the Koken CMS are revealed in an open file share.
This is a fairly easy, beginner-friendly machine that reflects some real-life scenarios. Here, anonymous login is enabled, and we can download and read files.