Posts

Showing posts from June, 2020

Troll 3 CTF Walkthrough

Image
Troll 3 CTF Walkthrough   In this article we will see a walkthrough of the Tr0ll 3 virtual machine. Tr0ll 3 Details Download Tr0ll 3: https://www.vulnhub.com/entry/tr0ll-3,340/   VM Description   The latest version of the Tr0ll series. This one is a little different from the previous iterations, I would say still on the beginner++ level. I hope everyone has fun, be sure to tag @Maleus21 with screen shots of the flag. You will need to login with start:here Type: Boot 2 Root Goal: Obtain flag.txt Difficulty: Beginner++ Fun level: Over 9000         Penetration Methodology: l  Network Scanning (Nmap, netdiscover) l  Msf console l  Aircrack-ng tool l  Lynx : Lynx is a popular terminal based web browser on all flavors of Linux and it displays plain ASCII text on your terminal. l  SSH login l  Privilege Escalation l  Get root access l  Capture the flag L et’s try to find the IP of this machine using  arp-scan or ne...
Post a Comment
Read more

Bulldog 1 ctf Walkthrough

Image
Bulldog 1 Walkthrough The name of the Virtual machine is “Bulldog 1” that we are going to crack.  It is a Boot2Root VM that we are going to solve. This is a web-based VM. Our main goal is to escalate the privileges to root and capture the flag. You can download it from a  https://www.vulnhub.com/entry/ bulldog-1,211/ Penetration Methodology: 1. Network Scanning (Nmap, netdiscover). 2. Directory Brute-force (dirbuster). 3. Decrypt the data using www.crackstation.net  4. Finding vulnerabilities in dev page. 5. Get into the shell for privilege escalation. 6. Switch user (su) and submit the stolen password. 7. Take root access and capture t  First we have to find out the open ports using namp command. Command used: nmap -A 192.168.0.5  or arp-scan -l  I t gives the ip addresses of machines presented in your system. In above we found some open ports are open ssh and http . In this we found that a wgi s...
Post a Comment
Read more

Troll 1 CTF Walkthrough

Image
Troll 1 CTF Walkthrough   In this article we will see a walkthrough of the Tr0ll: 1 virtual machine. Tr0ll: 1 Details Download Tr0ll: https://www.vulnhub.com/entry/tr0ll-1,100/ VM Description The goal is simple, gain root and get Proof.txt from the /root directory. Penetration Methodology: l  Network Scanning (Nmap, netdiscover) l  Anonymous FTP login l  Abusing web browser l  Brute-force attack (hydra) l  SSH login l  Privilege Escalation l  Get root access l  Capture the flag L et’s try to find the IP of this machine using  arp-scan or netdiscover . Below, we can see our results: the IP address is found as 192.168. 0.8 . Commands used : arp-scan -l or netdiscover L et’s run Nmap scans on the target server to get more information about it. Command used : nmap -A 192.168.0.8 I have done here an aggressive scan and We can see that below that the Nmap finds port 80 open, ...
Post a Comment
Read more