In this article, we will see walkthroughs of an interesting Vulnhub machine called Fristileaks.
Please note: For all of these machines, I have used the VMware workstation to provision VMs. Kali Linux VM will be my attacking box. The techniques used are solely for educational purposes, and I am not responsible if listed techniques are used against any other targets.
Description: A small VM made for a Dutch informal hacker meetup called Fristileaks. Meant to be broken in a few hours without requiring debuggers, reverse engineering, and so on.
Name: Fristileaks 1.3
Style: Enumeration/Follow the breadcrumbs
Goal: get root (uid 0) and read the flag file
Tester(s): dqi, barrebas
Also a note for VMware users: VMware users will need to manually edit the VM’s MAC address to: 08:00:27:A5:A6:76
- Download the Fristileaks VM from the above link and provision it as a VM.
Let’s start with enumeration. First, we need to identify the IP of this machine. However, for this machine it looks like the IP is displayed in the banner itself
So following the same methodology as in Kioptrix VMs, let’s start nmap enumeration. Below we can see that port 80 and robots.txt are displayed.
Contents of robots.txt are:
However, enumerating these does not yield anything.
Nmap also suggested that port 80 is also opened. Let’s look out there.
Unfortunately nothing was of interest on this page as well. Following the banner of “Keep Calm and Drink Fristi,” I thought of navigating to the /fristi directory since the others exposed by robots.txt are also name of drinks. To my surprise, it did resolve, and we landed on a login page.
Quickly looking into the source code reveals a base-64 encoded string. Decoding (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Security Ninja. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/CX5ngErHFcc/