In this article, we will learn to solve a Capture the Flag (CTF) challenge which was posted on VulnHub by xMagass. According to the information given in the description by the author of the challenge, this is an intermediate-level Capture-the-Flag Challenge (CTF). The target of the CTF is to get the root access of the machine and read the flag files. It has three flags which need to be collected while completing the challenge.
You can download the VM and launch it on Virtual Box with this link. The torrent downloadable URL is also available for this VM, which is given in the reference section at the end of this article.
For those who are new to CTF challenges and are not aware of this platform, VulnHub is a well-known website for security researchers. It provides users with a method to learn and practice their hacking skills through a series of challenges in a safe and legal environment.
Please Note: For all of these machines, I have used Oracle Virtual Box to run the downloaded machine. I would be using Kali Linux as an attacker machine for solving this CTF. The techniques used are solely for educational purposes, and I am not responsible if the listed techniques are used against any other targets.
After downloading and running this machine in Virtual Box, we need to find the target machine’s IP address. For this, I started by running the Netdiscover command to obtain the IP address of the target machine. The command and its output can be seen in the screenshot given below:
Command Used: Netdiscover
As shown in the highlighted area in the above screenshot, we have obtained the virtual machine’s IP address, 192.168.1.11 (the target machine IP address).
We will be using 192. (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Nikhil Kumar. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/_nzl3J2Qy1Q/