Toppo: 1 Capture-the-Flag Walkthrough

In this article, we will learn to solve the “Toppo: 1” Capture-the-Flag (CTF) challenge which was posted on VulnHub by Hadi Mene. According to the information given in description by the author of the challenge, this CTF is not very hard and does not require advanced exploitation. You can use this link to download the VM and launch it on Virtual Box. The torrent downloadable URL is also available for this VM; the link is in the sources section at the end of this article.

For those who are new to CTF challenges and are not aware of this platform, VulnHub is a well-known website for security researchers which provide users with a method to learn and practice their hacking skills through a series of challenges in a safe and legal environment.

Please Note: For all of these machines, I have used Oracle Virtual Box to run the downloaded machine. I will be using Kali Linux as an attacker machine for solving this CTF. The techniques used are solely for educational purposes, and I am not responsible if the listed techniques are used against any other targets.

After downloading and running this machine in Virtual Box, we start by running the Netdiscover command to obtain the IP address of the target machine. The command and its output can be seen in the screenshot given below:

Command Used: Netdiscover

As shown in the highlighted area in the above screenshot, we have obtained the Virtual Machine IP address, i.e., 192.168.1.7 (the target machine IP address).

We will be using 192.168.1.11 as the attacker IP address.

Please Note: the target and the attacker IP addresses may be different depending on your network configuration.

So we have the target machine IP; the first step is to (Read more...)