VulnHub Machines Walkthrough Series: SkyTower

Continuing with our series on VulnHub walkthroughs, in this article we will see a walkthrough of another interesting VulnHub machine. This one is called “SkyTower.”

Note: For all these machines, I have used the VMware workstation to provision VMs. Kali Linux VM will be my attacking box. Also, the techniques used are solely for educational purpose. I am not responsible if the listed techniques are used against any other targets.

Walkthrough

Download Link

VM Details-From the Author

• Welcome to SkyTower:1 This CTF was designed by Telspace Systems for the CTF at the ITWeb Security Summit and BSidesCPT (Cape Town). The aim is to test intermediate to advanced security enthusiasts in their ability to attack a system using a multi-faceted approach and obtain the “flag”. You will require skills across different facets of system and application vulnerabilities, as well as an understanding of various services and how to attack them. Most of all, your logical thinking and methodical approach to penetration testing will come into play to allow you to successfully attack this system. Try different variations and approaches. You will most likely find that automated tools will not assist you. We encourage you to try it our for yourself first, give yourself plenty of time and then only revert to the Walkthroughs below. Enjoy! Telspace Systems @telspacesystems

Walkthrough

1. Download the Skytower VM from the above link and provision it as a VM.

2. Following the routine from the series, let’s try to find the IP of this machine using netdiscover. From below, we can see that the IP address is found as 192.168.213.141.

<<netdiscover -r 192.168.213.0/24>>

3. Below is the welcome screen of the SkyTower machine.

4. Let’s start the enumeration process with the nmap scan. Below is the output of the (Read more...)