Tuesday, 12 March 2019

Temple Of Doom1 CTF

This time I tried "Temple Of Doom CTF" from Vulnhub. Below you will find a few details...

We will start here just right after the boot:

So - as usual - quick portscan:

After googling for "Node.js Express framework exploit" I found this interesting post:

I decided to check it on 'my target':

More tests:

Then I used Burp to prepare a payload:

I started preparing a final payload using venome.sh:

Checking with Burp:

Small poc in action:

...and we should be somewhere here:


Now, I started enumerating OS:


More, to find other user(s):



And again:

Unfortunately there was no 'active' fireman user... :| (*bug or I'm missing something?)

I tried a few more options...

I think 'the bug' (according to some "resources available online") is here (but correct me if I'm wrong please):

Last check:

So... This CTF will be continued as soon as I figure out what should be done next to r00t it... ;)

(* if you have any hints - feel free to leave a comment or drop me an email/@msg. thanks)

See you next time.


