When machine was ready I started (as usual) to scan the target. "Accidently" I did not type su to go to root on my Kali but I typed us instead of... and this is how I found the unicorn scanner installed on Kali ;] (so below you will find 'us' - not nmap). Check it out:
There is only one (tcp) port open on the target machine - www (80/tcp), so my guess was to open IP address in the browser (as you can see - there is Drupal CMS installed).
I decided to 'check' the version (by looking at the source of the main page):
I like to learn a little bit about the hacked machine, so I decided to check some files available on the box... Just to look around ;]
Nice. Checking...
(Not-so-cool-output like during the Kvasir CTF but we will handle it;])
...like this:
Cool :] Let's check dave.tc file now... (I copied it to /var/www/html to download it to my KaliLinux)
Unfortunately I couldn't find the password, so I decided to go back to checking filesystem...
hm. does it look like a hint from Dave? Let's try to check it:
(... after ~30 minutes without any results I decided to use the hint from Dave...)
Get 11-long-words/passwords only + grep them for '?cadem?'... Right?
So we are here:
Good! Checking:
Ok, file was mounted but I still couldn't access the data on it ('would you like to format the disk?' - no). So I tried to find a solution to extract the content of the dave.tc file...
After a while... I found an interesting link and now I was able to check the dave.tc again:
[:
Checking:
It was very nice CTF, I really enjoyed it. :] Big thanks goes to the author (as well to the VulnHub for hosting all of those cool resources).
Cheers
o/
Brak komentarzy:
Prześlij komentarz