GoldenEye 1: CTF Walkthrough, Part 1

In this article we will attempt a capture-the-flag (CTF) challenge called “GoldenEye 1.” This CTF was posted on VulnHub by the author Creosote. Per the description given by the author, this is an intermediate-level machine designed as an OSCP type of vulnerable machines. The goal of this challenge is to read the flag hidden in the root directory.

For those who are new to my articles, vulnhub.com is a platform which provides vulnerable machines for security practitioners to gain hands-on experience in the field of information security. You can go through my previous articles to find solutions to several other machines and learn new techniques. There are a lot of challenging CTF exercises available on vulnhub.com and I highly suggest attempting them, as it is a good way to keep your skills sharp and learn new techniques in a safe environment.

Let’s start to setup this machine for solving the challenge. The link to download the VM to run it in a Virtual Box is here.

Please Note: For all of these machines, I have used Oracle Virtual Box to run the downloaded machine. I will be using Kali Linux as an attacker machine for solving this CTF. The techniques used here are solely for educational purposes, and I am not responsible if the listed techniques are used against any other targets.

The Walkthrough

After running the machine in Virtual Box, we need to identify the target machine IP address. I have used the Netdiscover command for this purpose. The command output can be seen in the screenshot given below:

Command Used: netdiscover

We’ve found it! The target machine IP address for this CTF is 109.168.1.10.

Please Note: The target and the attacker machine IP address may be different depending on your network configuration.

(Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Nikhil Kumar. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/pN0ktAU-j84/