Home Unlabelled bossplayersCTF : 1

bossplayersCTF : 1

By
Friday, October 11, 2019
Read
Add Comment




Aimed at Beginner Security Professionals who want to get their feet wet into doing some CTF's. It should take around 30 minutes to root.



Download : https://www.vulnhub.com/entry/bossplayersctf-1,375/

Difficulty : Beginners

Format : OVA (VirtualBox)



To find the IP address of the box in the network by running nmap.



001.png



Further scan all ports of the box.



002.png



The website is running on port 80.



003.png



Check the source code of the page and found a hash at the bottom of the page.



004.png



005.png



Suspected that the hash is base64 decoded. Try to decode it.



006.png



After the decoding, the result is "workinprogress.php". Let's browse it.



007.png



The page says that "test ping command". Let's test it for "cmd" parameter.



008.png



The command is executed. To pawn a reverse shell.



009.png



To find if there is any file with sticky bit.


010.png



The result is "find". Try to privilege escalation.



011.png



012.png



Decode the "root.txt". Root is dancing!



013.png



After thought



It is a traditional Capture The Flag (CTF) box with base64 decode and sticky bit searching. Recommended.



Samiux

OSCE OSCP OSWP

October 12, 2019, China, Hong Kong




Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us