USV: 2017 Part 1 CTF Walkthrough

In this article, we will learn to solve another Capture the Flag (CTF) challenge which was posted on VulnHub by “Suceava University.” As you may already know from my previous capture-the-flag articles, is a platform which provides vulnerable applications/machines to get a practical, hands-on experience in conducting pen tests on applications.

You can check my previous articles for more information related to CTF challenges. In this article we will exploit a VM named “USV: 2017” on the VulnHub website. You can use the following link to download the VM and launch it on VirtualBox:

The torrent downloadable URL is also available for this VM, which is given in the reference section at the end of this article. For those who are new to CTF challenges and are not aware of this platform, VulnHub is a well-known website for security researchers which provide users with a method to learn and practice their hacking skills through a series of challenges in a safe, and legal environment.

As per the description given on the VulnHub website, this is the VM used in the online qualifications phase of the CTF-USF 2017 (Capture the Flag – Suceava University) contest which addresses to universities students. The objective of the CTF is to capture the five flag which is by the name of the city. The city list is given below for the flag.

  1. Croatia
  2. France
  3. Italy
  4. Laos
  5. Philippines

After downloading and running this machine on VirtualBox, I started exploring the VM by running a Netdiscover command to get the IP Address of the target machine. Netdiscover command output can be seen in the screenshot given below.

Command Used: netdiscover

In the above screenshot, you may see that we have got the Virtual Machine IP address, i.e., 192. (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Nikhil Kumar. Read the original post at: