Category

Technology

Category

Simple CTF is, as described, a simple CTF; by TryHackMe. This write-up is also available here. How many services are running under port 1000? kali@kali:~/Desktop/TryHackMe$ nmap target.thm -A Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-15 14:10 EDT Nmap scan report for target.thm (target.thm) Host is up (0.019s latency). Not shown: 997 filtered ports PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 | ftp-anon: Anonymous FTP login allowed (FTP code 230) |_Can't get directory…

LazyAdmin is a Linux-based CTF from TryHackMe. This box features a poorly setup up CMS, opportunities to execute code, and some privilege escalation. I very much enjoyed this box. Task 1 What is the user flag? Nmap Enumeration After running nmap, we can see there are 2 open ports: 22, SSH 7.2p2; 80, HTTP on Apache 2.4.18. kali@kali:~/Desktop/TryHackMe/lazyadmin$ nmap -A target.thm Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-12 15:48 EDT Nmap scan report for…

Skynet is a Terminator themed CTF box from TryHackMe. It was an interesting box that uses: Samba exploitationRFI (remote file inclusion)Reverse netcat shellExploiting tar checkpoints for privilege escalation 1. What is Miles password for his emails? Enumeration Summary Ports: 22,80,110,139,143, 445Services: Apache/2.4.18, IMAP4rev1, SMB, SSHComputer name: skynetNetBIOS computer name: SKYNET\x00OS: UbuntuWorkgroup: WORKGROUPSMB Shares: IPC, anonymous, milesdyson, print Nmap kali@kali:~$ nmap -A 10.10.183.111 Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-10 15:16 EDT Nmap scan report…

Kenobi is TryHackMe CTF on exploiting Linux machines through Samba, proftpd and privilege escalation through manipulation of PATH variables. Task 1 – Deploy the vulnerable machine 1. Make sure you’re connection to our network and deploy the machine. Connect to VPN, hit Deploy button. 2. Scan the machine with nmap, how many ports are open? kali@kali:~/Desktop/TryHackMe/kenobi$ nmap 10.10.130.214 Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-09 18:30 EDT Nmap scan report for 10.10.130.214 Host is…

BountyHunter is a pretty good “bounty hunter” anime-themed CTF from TryHackMe. It might be from a show called “cowboy bebop”? I’m not really sure, enjoyable CTF anyway. The box requires some: General enumerationSSH brute-forcingExploiting FTP anonymous accountExploiting tar for privilege escalation Task 1 1. Deploy – 2. Find all open ports on machine nmap -A -p- target.thm -v Scanning target.thm (10.10.237.73) [65535 ports] Discovered open port 22/tcp on 10.10.237.73 Discovered open port 21/tcp on 10.10.237.73…

The Linux Challenges room gives a nice introduction to some general Linux commands, and generally usage of Linux commands to find loot. Task 1# Linux Challenges Introduction 1# Deploy the machine and SSH in Pretty simple task, just SSH into the box. ssh garry@10.10.68.44 Once you’re in, take a look around to find how many flags there are. ls -lah Task 2# 1# What is flag 1? cat flag1.txt 2# Login into bobs account ……

The Alfred room on TryHackMe focuses on exploiting Jenkins. A commonly misconfigured automation tool that developers use for continuous integration/deployment. Alfred is a subscription only room. Initial access This task requires you to deploy the machine and load up Nishang to gain initial access. Nishang is a framework and a collection of scripts and payloads which enable usage of PowerShell for offensive security by nikhil_mitt. Nmap (TCP) Start by scanning the machine with nmap. This…